[cxf] branch 3.4.x-fixes updated (d381ecd -> 65ce246)

classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

[cxf] branch 3.4.x-fixes updated (d381ecd -> 65ce246)

coheigea
Administrator
This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a change to branch 3.4.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git.


    from d381ecd  Update to Spring Boot 2.3.6.RELEASE
     new bb16d7c  Updating Jetty to 9.4.34.v20201102
     new 9a50c9a  Updating Spring Boot in samples to 2.3.6.RELEASE
     new 967544d  [CXF-8363]Jetty certificate hot reload throws exception due to usage of depreciated SslContextFactory
     new 269bcba  [CXF-8363]remove unnecessary @SuppressWarnings(deprecation)
     new c42d99a  cxf-services-sts-core: simplify tests using Collections.singletonList
     new 9db9dd6  cxf-rt-frontend-jaxrs: read stream directly
     new c222116  Guard against null return value from (#720)
     new d638b89  Jenkins: fix Maven ref
     new 6f774a0  Jenkins: fix JDK refs
     new 65ce246  Recording .gitmergeinfo Changes

The 10 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 .gitmergeinfo                                      |   1 +
 Jenkinsfile                                        |   4 +-
 distribution/src/main/release/samples/pom.xml      |   4 +-
 parent/pom.xml                                     |   2 +-
 .../org/apache/cxf/jaxrs/ext/xml/XMLSource.java    |   3 +-
 .../http_jetty/JettyHTTPServerEngine.java          |   4 +-
 .../apache/cxf/transport/udp/UDPDestination.java   |  23 ++--
 .../apache/cxf/transport/udp/UDPTransportTest.java |  12 +-
 .../sts/claims/mapper/JexlIssueSamlClaimsTest.java |  24 ++--
 .../cxf/sts/common/CustomAttributeProvider.java    |   2 +-
 .../apache/cxf/sts/common/CustomClaimsHandler.java |  21 ++--
 .../cxf/sts/common/CustomUserClaimsHandler.java    |  11 +-
 .../cxf/sts/operation/CancelSCTUnitTest.java       |   7 +-
 .../cxf/sts/operation/IssueEncryptedUnitTest.java  |  37 +++---
 .../cxf/sts/operation/IssueJWTClaimsUnitTest.java  |  44 ++-----
 .../sts/operation/IssueJWTOnbehalfofUnitTest.java  |  31 ++---
 .../cxf/sts/operation/IssueJWTRealmUnitTest.java   |  18 +--
 .../apache/cxf/sts/operation/IssueJWTUnitTest.java |   7 +-
 .../cxf/sts/operation/IssueOnbehalfofUnitTest.java | 137 ++++++++-------------
 .../apache/cxf/sts/operation/IssueSCTUnitTest.java |  17 +--
 .../cxf/sts/operation/IssueSamlClaimsUnitTest.java |  60 +++------
 .../cxf/sts/operation/IssueSamlRealmUnitTest.java  |  22 +---
 .../cxf/sts/operation/IssueSamlUnitTest.java       |  94 ++++++--------
 .../apache/cxf/sts/operation/IssueUnitTest.java    |  42 +++----
 .../cxf/sts/operation/RenewSamlUnitTest.java       |  40 ++----
 .../operation/ValidateJWTTransformationTest.java   |  42 +++----
 .../cxf/sts/operation/ValidateJWTUnitTest.java     |   9 +-
 .../cxf/sts/operation/ValidateSCTUnitTest.java     |   9 +-
 .../cxf/sts/operation/ValidateSamlUnitTest.java    |  14 +--
 .../ValidateTokenTransformationUnitTest.java       |  85 ++++---------
 .../apache/cxf/sts/operation/ValidateUnitTest.java |  28 ++---
 .../operation/ValidateUsernameTokenUnitTest.java   |  14 +--
 .../sts/operation/ValidateX509TokenUnitTest.java   |  14 +--
 .../cxf/sts/request/RequestParserUnitTest.java     |  15 +--
 .../cxf/sts/token/provider/SAMLClaimsTest.java     |  13 +-
 .../sts/token/provider/SAMLProviderActAsTest.java  |   4 +-
 .../sts/token/provider/SAMLProviderCustomTest.java |  37 +++---
 .../token/provider/SAMLProviderKeyTypeTest.java    |  10 +-
 .../token/provider/SAMLProviderOnBehalfOfTest.java |   5 +-
 .../cxf/sts/token/realm/RealmSupportTest.java      |  40 +++---
 .../sts/token/renewer/SAMLTokenRenewerPOPTest.java |  15 +--
 .../token/validator/SAMLTokenValidatorTest.java    |  15 +--
 .../cxf/ws/discovery/WSDiscoveryClientTest.java    |  30 ++---
 43 files changed, 383 insertions(+), 683 deletions(-)

Reply | Threaded
Open this post in threaded view
|

[cxf] 01/10: Updating Jetty to 9.4.34.v20201102

coheigea
Administrator
This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch 3.4.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git

commit bb16d7c44eb96b0ae6550ab68f9bf59de58a8d54
Author: Colm O hEigeartaigh <[hidden email]>
AuthorDate: Fri Nov 6 16:51:23 2020 +0000

    Updating Jetty to 9.4.34.v20201102
   
    (cherry picked from commit 743ef459be7a1a7d17cb3b67780daf06eb5356c2)
---
 distribution/src/main/release/samples/pom.xml | 2 +-
 parent/pom.xml                                | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/distribution/src/main/release/samples/pom.xml b/distribution/src/main/release/samples/pom.xml
index ff25530..af58c77 100644
--- a/distribution/src/main/release/samples/pom.xml
+++ b/distribution/src/main/release/samples/pom.xml
@@ -32,7 +32,7 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <spring.boot.version>2.3.5.RELEASE</spring.boot.version>
         <spring.cloud.eureka.version>2.2.3.RELEASE</spring.cloud.eureka.version>
-        <cxf.jetty9.version>9.4.33.v20201020</cxf.jetty9.version>
+        <cxf.jetty9.version>9.4.34.v20201102</cxf.jetty9.version>
         <cxf.httpcomponents.client.version>4.5.13</cxf.httpcomponents.client.version>
         <cxf.swagger.ui.version>3.32.1</cxf.swagger.ui.version>
         <cxf.tika.version>1.24.1</cxf.tika.version>
diff --git a/parent/pom.xml b/parent/pom.xml
index 749e288..91d7183 100644
--- a/parent/pom.xml
+++ b/parent/pom.xml
@@ -148,7 +148,7 @@
         <cxf.jdom.version>1.0</cxf.jdom.version>
         <cxf.jettison.version>1.4.1</cxf.jettison.version>
         <cxf.jetty.osgi.version>[9.2,10)</cxf.jetty.osgi.version>
-        <cxf.jetty9.version>9.4.33.v20201020</cxf.jetty9.version>
+        <cxf.jetty9.version>9.4.34.v20201102</cxf.jetty9.version>
         <cxf.jetty.version>${cxf.jetty9.version}</cxf.jetty.version>
         <cxf.jexl.version>3.1</cxf.jexl.version>
         <cxf.joda.time.version>2.9.4</cxf.joda.time.version>

Reply | Threaded
Open this post in threaded view
|

[cxf] 02/10: Updating Spring Boot in samples to 2.3.6.RELEASE

coheigea
Administrator
In reply to this post by coheigea
This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch 3.4.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git

commit 9a50c9af49a3d0291ca43213554d6e62eefbe13a
Author: Colm O hEigeartaigh <[hidden email]>
AuthorDate: Fri Nov 13 06:20:38 2020 +0000

    Updating Spring Boot in samples to 2.3.6.RELEASE
   
    (cherry picked from commit 884fbd1277f20b6fbad139cce68c5ae129557de6)
---
 distribution/src/main/release/samples/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/distribution/src/main/release/samples/pom.xml b/distribution/src/main/release/samples/pom.xml
index af58c77..3bf0885 100644
--- a/distribution/src/main/release/samples/pom.xml
+++ b/distribution/src/main/release/samples/pom.xml
@@ -30,7 +30,7 @@
         <!-- don't deploy the samples, kind of pointless -->
         <maven.deploy.skip>true</maven.deploy.skip>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <spring.boot.version>2.3.5.RELEASE</spring.boot.version>
+        <spring.boot.version>2.3.6.RELEASE</spring.boot.version>
         <spring.cloud.eureka.version>2.2.3.RELEASE</spring.cloud.eureka.version>
         <cxf.jetty9.version>9.4.34.v20201102</cxf.jetty9.version>
         <cxf.httpcomponents.client.version>4.5.13</cxf.httpcomponents.client.version>

Reply | Threaded
Open this post in threaded view
|

[cxf] 03/10: [CXF-8363]Jetty certificate hot reload throws exception due to usage of depreciated SslContextFactory

coheigea
Administrator
In reply to this post by coheigea
This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch 3.4.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git

commit 967544d92fde84d9b4e801d9a9cf95259f7f858e
Author: Freeman Fang <[hidden email]>
AuthorDate: Wed Nov 4 14:00:24 2020 -0500

    [CXF-8363]Jetty certificate hot reload throws exception due to usage of depreciated SslContextFactory
   
    (cherry picked from commit f5fe58b443c3b0a0c1a601691541709c9d49aa97)
---
 .../java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java b/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
index afbb406..b8a54e4 100644
--- a/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
+++ b/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
@@ -625,7 +625,7 @@ public class JettyHTTPServerEngine implements ServerEngine {
         // now we just use the SelectChannelConnector as the default connector
         SslContextFactory sslcf = null;
         if (tlsServerParameters != null) {
-            sslcf = new SslContextFactory() {
+            sslcf = new SslContextFactory.Server() {
                 protected void doStart() throws Exception {
                     setSslContext(createSSLContext(this));
                     super.doStart();

Reply | Threaded
Open this post in threaded view
|

[cxf] 04/10: [CXF-8363]remove unnecessary @SuppressWarnings(deprecation)

coheigea
Administrator
In reply to this post by coheigea
This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch 3.4.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git

commit 269bcbaac2f9907381a1520977aebd6470a5b9a8
Author: Freeman Fang <[hidden email]>
AuthorDate: Wed Nov 4 17:34:41 2020 -0500

    [CXF-8363]remove unnecessary @SuppressWarnings(deprecation)
   
    (cherry picked from commit 45942026722ff87f7fe6dbb71451309d52b0fdd1)
---
 .../java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java b/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
index b8a54e4..2636913 100644
--- a/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
+++ b/rt/transports/http-jetty/src/main/java/org/apache/cxf/transport/http_jetty/JettyHTTPServerEngine.java
@@ -620,7 +620,7 @@ public class JettyHTTPServerEngine implements ServerEngine {
         }
     }
 
-    @SuppressWarnings("deprecation")
+    
     private Connector createConnector(String hosto, int porto) {
         // now we just use the SelectChannelConnector as the default connector
         SslContextFactory sslcf = null;

Reply | Threaded
Open this post in threaded view
|

[cxf] 05/10: cxf-services-sts-core: simplify tests using Collections.singletonList

coheigea
Administrator
In reply to this post by coheigea
This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch 3.4.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git

commit c42d99ad5d7350eef2757ac8ffcd2efae074a941
Author: Alexey Markevich <[hidden email]>
AuthorDate: Thu Nov 5 16:50:58 2020 +0300

    cxf-services-sts-core: simplify tests using Collections.singletonList
   
    (cherry picked from commit 127c8a800b8912fe69a35e4ac5bbcb952693ea4a)
---
 .../sts/claims/mapper/JexlIssueSamlClaimsTest.java |  24 ++--
 .../cxf/sts/common/CustomAttributeProvider.java    |   2 +-
 .../apache/cxf/sts/common/CustomClaimsHandler.java |  21 ++--
 .../cxf/sts/common/CustomUserClaimsHandler.java    |  11 +-
 .../cxf/sts/operation/CancelSCTUnitTest.java       |   7 +-
 .../cxf/sts/operation/IssueEncryptedUnitTest.java  |  37 +++---
 .../cxf/sts/operation/IssueJWTClaimsUnitTest.java  |  44 ++-----
 .../sts/operation/IssueJWTOnbehalfofUnitTest.java  |  31 ++---
 .../cxf/sts/operation/IssueJWTRealmUnitTest.java   |  18 +--
 .../apache/cxf/sts/operation/IssueJWTUnitTest.java |   7 +-
 .../cxf/sts/operation/IssueOnbehalfofUnitTest.java | 137 ++++++++-------------
 .../apache/cxf/sts/operation/IssueSCTUnitTest.java |  17 +--
 .../cxf/sts/operation/IssueSamlClaimsUnitTest.java |  60 +++------
 .../cxf/sts/operation/IssueSamlRealmUnitTest.java  |  22 +---
 .../cxf/sts/operation/IssueSamlUnitTest.java       |  94 ++++++--------
 .../apache/cxf/sts/operation/IssueUnitTest.java    |  42 +++----
 .../cxf/sts/operation/RenewSamlUnitTest.java       |  40 ++----
 .../operation/ValidateJWTTransformationTest.java   |  42 +++----
 .../cxf/sts/operation/ValidateJWTUnitTest.java     |   9 +-
 .../cxf/sts/operation/ValidateSCTUnitTest.java     |   9 +-
 .../cxf/sts/operation/ValidateSamlUnitTest.java    |  14 +--
 .../ValidateTokenTransformationUnitTest.java       |  85 ++++---------
 .../apache/cxf/sts/operation/ValidateUnitTest.java |  28 ++---
 .../operation/ValidateUsernameTokenUnitTest.java   |  14 +--
 .../sts/operation/ValidateX509TokenUnitTest.java   |  14 +--
 .../cxf/sts/request/RequestParserUnitTest.java     |  15 +--
 .../cxf/sts/token/provider/SAMLClaimsTest.java     |  13 +-
 .../sts/token/provider/SAMLProviderActAsTest.java  |   4 +-
 .../sts/token/provider/SAMLProviderCustomTest.java |  37 +++---
 .../token/provider/SAMLProviderKeyTypeTest.java    |  10 +-
 .../token/provider/SAMLProviderOnBehalfOfTest.java |   5 +-
 .../cxf/sts/token/realm/RealmSupportTest.java      |  40 +++---
 .../sts/token/renewer/SAMLTokenRenewerPOPTest.java |  15 +--
 .../token/validator/SAMLTokenValidatorTest.java    |  15 +--
 34 files changed, 340 insertions(+), 643 deletions(-)

diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java
index 689f7de..ca1d398 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/claims/mapper/JexlIssueSamlClaimsTest.java
@@ -21,7 +21,6 @@ package org.apache.cxf.sts.claims.mapper;
 import java.io.IOException;
 import java.net.URI;
 import java.security.Principal;
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
@@ -61,14 +60,12 @@ import org.apache.cxf.sts.token.delegation.SAMLDelegationHandler;
 import org.apache.cxf.sts.token.delegation.TokenDelegationHandler;
 import org.apache.cxf.sts.token.provider.AttributeStatementProvider;
 import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
-import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
 import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.sts.token.realm.Relationship;
 import org.apache.cxf.sts.token.validator.IssuerSAMLRealmCodec;
 import org.apache.cxf.sts.token.validator.SAMLTokenValidator;
-import org.apache.cxf.sts.token.validator.TokenValidator;
 import org.apache.cxf.ws.security.sts.provider.model.ClaimsType;
 import org.apache.cxf.ws.security.sts.provider.model.OnBehalfOfType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType;
@@ -133,37 +130,30 @@ public class JexlIssueSamlClaimsTest {
         Map<String, RealmProperties> realms = createSamlRealms();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
         samlTokenProvider.setRealmMap(realms);
-        List<AttributeStatementProvider> customProviderList = new ArrayList<>();
-        customProviderList.add(new ClaimsAttributeStatementProvider());
-        samlTokenProvider.setAttributeStatementProviders(customProviderList);
-        providerList.add(samlTokenProvider);
-        issueOperation.setTokenProviders(providerList);
+        samlTokenProvider.setAttributeStatementProviders(Collections.singletonList(
+            new ClaimsAttributeStatementProvider()));
+        issueOperation.setTokenProviders(Collections.singletonList(samlTokenProvider));
 
         TokenDelegationHandler delegationHandler = new SAMLDelegationHandler();
         issueOperation.setDelegationHandlers(Collections.singletonList(delegationHandler));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
         SAMLTokenValidator samlTokenValidator = new SAMLTokenValidator();
         samlTokenValidator.setSamlRealmCodec(new IssuerSAMLRealmCodec());
-        validatorList.add(samlTokenValidator);
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(samlTokenValidator));
 
         addService(issueOperation);
 
         // Add Relationship list
-        List<Relationship> relationshipList = new ArrayList<>();
         Relationship rs = createRelationship();
-        relationshipList.add(rs);
 
         // Add STSProperties object
         Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
         STSPropertiesMBean stsProperties = createSTSPropertiesMBean(crypto);
         stsProperties.setRealmParser(new CustomRealmParser());
-        stsProperties.setRelationships(relationshipList);
+        stsProperties.setRelationships(Collections.singletonList(rs));
         issueOperation.setStsProperties(stsProperties);
 
         // Set the ClaimsManager
@@ -325,8 +315,8 @@ public class JexlIssueSamlClaimsTest {
 
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
         samlTokenProvider.setRealmMap(realms);
-        List<AttributeStatementProvider> customProviderList = new ArrayList<>();
-        customProviderList.add(new ClaimsAttributeStatementProvider());
+        List<AttributeStatementProvider> customProviderList = Collections.singletonList(
+            new ClaimsAttributeStatementProvider());
         samlTokenProvider.setAttributeStatementProviders(customProviderList);
 
         TokenProviderParameters providerParameters = createProviderParameters(tokenType,
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomAttributeProvider.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomAttributeProvider.java
index 7c38100..9c5904a 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomAttributeProvider.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomAttributeProvider.java
@@ -101,7 +101,7 @@ public class CustomAttributeProvider implements AttributeStatementProvider {
     /**
      * Create a default attribute
      */
-    private AttributeBean createDefaultAttribute(String tokenType) {
+    private static AttributeBean createDefaultAttribute(String tokenType) {
         AttributeBean attributeBean = new AttributeBean();
 
         if (WSS4JConstants.WSS_SAML2_TOKEN_TYPE.equals(tokenType)
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java
index 5453f40..891073d 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomClaimsHandler.java
@@ -19,7 +19,7 @@
 package org.apache.cxf.sts.common;
 
 import java.security.Principal;
-import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.List;
 
 import org.apache.cxf.rt.security.claims.Claim;
@@ -43,21 +43,18 @@ public class CustomClaimsHandler implements ClaimsHandler {
 
     public static final String ROLE_CLAIM =
             "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/role";
-    private static List<String> knownURIs = new ArrayList<>();
-
-    static {
-        knownURIs.add(ClaimTypes.FIRSTNAME.toString());
-        knownURIs.add(ClaimTypes.LASTNAME.toString());
-        knownURIs.add(ClaimTypes.EMAILADDRESS.toString());
-        knownURIs.add(ClaimTypes.STREETADDRESS.toString());
-        knownURIs.add(ClaimTypes.MOBILEPHONE.toString());
-        knownURIs.add(ROLE_CLAIM);
-    }
+    private static final List<String> SUPPORTED_CLAIM_TYPES = Arrays.asList(
+        ClaimTypes.FIRSTNAME.toString(),
+        ClaimTypes.LASTNAME.toString(),
+        ClaimTypes.EMAILADDRESS.toString(),
+        ClaimTypes.STREETADDRESS.toString(),
+        ClaimTypes.MOBILEPHONE.toString(),
+        ROLE_CLAIM);
 
     private String role = "DUMMY";
 
     public List<String> getSupportedClaimTypes() {
-        return knownURIs;
+        return SUPPORTED_CLAIM_TYPES;
     }
 
     public ProcessedClaimCollection retrieveClaimValues(
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomUserClaimsHandler.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomUserClaimsHandler.java
index c4e837a..19a8d71 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomUserClaimsHandler.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/common/CustomUserClaimsHandler.java
@@ -18,7 +18,7 @@
  */
 package org.apache.cxf.sts.common;
 
-import java.util.ArrayList;
+import java.util.Collections;
 import java.util.List;
 
 import org.apache.cxf.rt.security.claims.Claim;
@@ -34,14 +34,11 @@ import org.apache.cxf.sts.claims.ProcessedClaimCollection;
  */
 public class CustomUserClaimsHandler implements ClaimsHandler {
 
-    private static List<String> knownURIs = new ArrayList<>();
-
-    static {
-        knownURIs.add(ClaimTypes.FIRSTNAME.toString());
-    }
+    private static final List<String> SUPPORTED_CLAIM_TYPES = Collections.singletonList(
+        ClaimTypes.FIRSTNAME.toString());
 
     public List<String> getSupportedClaimTypes() {
-        return knownURIs;
+        return SUPPORTED_CLAIM_TYPES;
     }
 
     public ProcessedClaimCollection retrieveClaimValues(
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/CancelSCTUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/CancelSCTUnitTest.java
index 0b67171..d8975d8 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/CancelSCTUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/CancelSCTUnitTest.java
@@ -19,8 +19,7 @@
 package org.apache.cxf.sts.operation;
 
 import java.security.Principal;
-import java.util.ArrayList;
-import java.util.List;
+import java.util.Collections;
 import java.util.Properties;
 
 import javax.xml.bind.JAXBElement;
@@ -88,11 +87,9 @@ public class CancelSCTUnitTest {
         cancelOperation.setTokenStore(tokenStore);
 
         // Add Token Canceller
-        List<TokenCanceller> cancellerList = new ArrayList<>();
         TokenCanceller sctCanceller = new SCTCanceller();
         sctCanceller.setVerifyProofOfPossession(false);
-        cancellerList.add(sctCanceller);
-        cancelOperation.setTokenCancellers(cancellerList);
+        cancelOperation.setTokenCancellers(Collections.singletonList(sctCanceller));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueEncryptedUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueEncryptedUnitTest.java
index 8ba4e81..e462555 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueEncryptedUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueEncryptedUnitTest.java
@@ -18,7 +18,6 @@
  */
 package org.apache.cxf.sts.operation;
 
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
 import java.util.Properties;
@@ -38,7 +37,6 @@ import org.apache.cxf.sts.common.PasswordCallbackHandler;
 import org.apache.cxf.sts.service.EncryptionProperties;
 import org.apache.cxf.sts.service.ServiceMBean;
 import org.apache.cxf.sts.service.StaticService;
-import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.test.TestUtilities;
 import org.apache.cxf.ws.security.sts.provider.STSException;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType;
@@ -72,9 +70,8 @@ public class IssueEncryptedUnitTest {
         issueOperation.setEncryptIssuedToken(true);
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new DummyTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new DummyTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -124,9 +121,8 @@ public class IssueEncryptedUnitTest {
         issueOperation.setEncryptIssuedToken(true);
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new DummyTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new DummyTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -184,9 +180,8 @@ public class IssueEncryptedUnitTest {
         issueOperation.setEncryptIssuedToken(true);
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new DummyTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new DummyTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -242,9 +237,8 @@ public class IssueEncryptedUnitTest {
         issueOperation.setEncryptIssuedToken(true);
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new DummyTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new DummyTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -321,9 +315,8 @@ public class IssueEncryptedUnitTest {
         issueOperation.setEncryptIssuedToken(true);
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new DummyTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new DummyTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -390,9 +383,8 @@ public class IssueEncryptedUnitTest {
         issueOperation.setEncryptIssuedToken(true);
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new DummyTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new DummyTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -464,9 +456,8 @@ public class IssueEncryptedUnitTest {
         issueOperation.setEncryptIssuedToken(true);
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new DummyTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new DummyTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTClaimsUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTClaimsUnitTest.java
index 7a38708..024584f 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTClaimsUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTClaimsUnitTest.java
@@ -20,7 +20,6 @@ package org.apache.cxf.sts.operation;
 
 import java.net.URI;
 import java.security.Principal;
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
@@ -62,9 +61,7 @@ import org.apache.cxf.sts.service.ServiceMBean;
 import org.apache.cxf.sts.service.StaticService;
 import org.apache.cxf.sts.token.delegation.SAMLDelegationHandler;
 import org.apache.cxf.sts.token.delegation.TokenDelegationHandler;
-import org.apache.cxf.sts.token.provider.AttributeStatementProvider;
 import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
-import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
 import org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider;
@@ -72,7 +69,6 @@ import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.sts.token.realm.Relationship;
 import org.apache.cxf.sts.token.validator.IssuerSAMLRealmCodec;
 import org.apache.cxf.sts.token.validator.SAMLTokenValidator;
-import org.apache.cxf.sts.token.validator.TokenValidator;
 import org.apache.cxf.ws.security.sts.provider.model.ClaimsType;
 import org.apache.cxf.ws.security.sts.provider.model.OnBehalfOfType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType;
@@ -111,9 +107,8 @@ public class IssueJWTClaimsUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new JWTTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new JWTTokenProvider()));
 
         addService(issueOperation);
 
@@ -227,9 +222,8 @@ public class IssueJWTClaimsUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new JWTTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new JWTTokenProvider()));
 
         addService(issueOperation);
 
@@ -304,35 +298,29 @@ public class IssueJWTClaimsUnitTest {
         Map<String, RealmProperties> realms = createSamlRealms();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         JWTTokenProvider tokenProvider = new JWTTokenProvider();
         tokenProvider.setRealmMap(realms);
-        providerList.add(tokenProvider);
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(tokenProvider));
 
         TokenDelegationHandler delegationHandler = new SAMLDelegationHandler();
         issueOperation.setDelegationHandlers(Collections.singletonList(delegationHandler));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
         SAMLTokenValidator samlTokenValidator = new SAMLTokenValidator();
         samlTokenValidator.setSamlRealmCodec(new IssuerSAMLRealmCodec());
-        validatorList.add(samlTokenValidator);
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(samlTokenValidator));
 
         addService(issueOperation);
 
         // Add Relationship list
-        List<Relationship> relationshipList = new ArrayList<>();
         Relationship rs = createRelationship();
-        relationshipList.add(rs);
 
         // Add STSProperties object
         Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
         STSPropertiesMBean stsProperties = createSTSPropertiesMBean(crypto);
         stsProperties.setRealmParser(new CustomRealmParser());
         stsProperties.setIdentityMapper(new CustomIdentityMapper());
-        stsProperties.setRelationships(relationshipList);
+        stsProperties.setRelationships(Collections.singletonList(rs));
         issueOperation.setStsProperties(stsProperties);
 
         // Set the ClaimsManager
@@ -453,30 +441,24 @@ public class IssueJWTClaimsUnitTest {
         Map<String, RealmProperties> realms = createSamlRealms();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         JWTTokenProvider tokenProvider = new JWTTokenProvider();
         tokenProvider.setRealmMap(realms);
-        providerList.add(tokenProvider);
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(tokenProvider));
 
         TokenDelegationHandler delegationHandler = new SAMLDelegationHandler();
         issueOperation.setDelegationHandlers(Collections.singletonList(delegationHandler));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
         SAMLTokenValidator samlTokenValidator = new SAMLTokenValidator();
         samlTokenValidator.setSamlRealmCodec(new IssuerSAMLRealmCodec());
-        validatorList.add(samlTokenValidator);
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(samlTokenValidator));
 
         addService(issueOperation);
 
         // Add Relationship list
-        List<Relationship> relationshipList = new ArrayList<>();
         Relationship rs = createRelationship();
         rs.setType(Relationship.FED_TYPE_IDENTITY);
         rs.setIdentityMapper(new CustomIdentityMapper());
-        relationshipList.add(rs);
 
         // Add STSProperties object
         Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
@@ -486,7 +468,7 @@ public class IssueJWTClaimsUnitTest {
         if (useGlobalIdentityMapper) {
             stsProperties.setIdentityMapper(new CustomIdentityMapper());
         } else {
-            stsProperties.setRelationships(relationshipList);
+            stsProperties.setRelationships(Collections.singletonList(rs));
         }
 
         issueOperation.setStsProperties(stsProperties);
@@ -703,10 +685,8 @@ public class IssueJWTClaimsUnitTest {
 
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
         samlTokenProvider.setRealmMap(realms);
-        List<AttributeStatementProvider> customProviderList =
-            new ArrayList<>();
-        customProviderList.add(new ClaimsAttributeStatementProvider());
-        samlTokenProvider.setAttributeStatementProviders(customProviderList);
+        samlTokenProvider.setAttributeStatementProviders(Collections.singletonList(
+            new ClaimsAttributeStatementProvider()));
 
         TokenProviderParameters providerParameters =
             createProviderParameters(
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTOnbehalfofUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTOnbehalfofUnitTest.java
index 866c2ed..a738094 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTOnbehalfofUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTOnbehalfofUnitTest.java
@@ -19,7 +19,6 @@
 package org.apache.cxf.sts.operation;
 
 import java.security.cert.X509Certificate;
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
@@ -53,14 +52,12 @@ import org.apache.cxf.sts.token.delegation.SAMLDelegationHandler;
 import org.apache.cxf.sts.token.delegation.TokenDelegationHandler;
 import org.apache.cxf.sts.token.delegation.UsernameTokenDelegationHandler;
 import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
-import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
 import org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider;
 import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.sts.token.validator.IssuerSAMLRealmCodec;
 import org.apache.cxf.sts.token.validator.SAMLTokenValidator;
-import org.apache.cxf.sts.token.validator.TokenValidator;
 import org.apache.cxf.sts.token.validator.UsernameTokenValidator;
 import org.apache.cxf.ws.security.sts.provider.STSException;
 import org.apache.cxf.ws.security.sts.provider.model.OnBehalfOfType;
@@ -101,14 +98,12 @@ public class IssueJWTOnbehalfofUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new JWTTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new JWTTokenProvider()));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SAMLTokenValidator());
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(
+            new SAMLTokenValidator()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -191,14 +186,12 @@ public class IssueJWTOnbehalfofUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new JWTTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new JWTTokenProvider()));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new UsernameTokenValidator());
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(
+            new UsernameTokenValidator()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -289,20 +282,16 @@ public class IssueJWTOnbehalfofUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         JWTTokenProvider tokenProvider = new JWTTokenProvider();
-        providerList.add(tokenProvider);
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(tokenProvider));
 
         TokenDelegationHandler delegationHandler = new SAMLDelegationHandler();
         issueOperation.setDelegationHandlers(Collections.singletonList(delegationHandler));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
         SAMLTokenValidator samlTokenValidator = new SAMLTokenValidator();
         samlTokenValidator.setSamlRealmCodec(new IssuerSAMLRealmCodec());
-        validatorList.add(samlTokenValidator);
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(samlTokenValidator));
 
         // Add Service
         ServiceMBean service = new StaticService();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTRealmUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTRealmUnitTest.java
index 18c5576..0280acb 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTRealmUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTRealmUnitTest.java
@@ -20,7 +20,6 @@ package org.apache.cxf.sts.operation;
 
 import java.security.Principal;
 import java.security.cert.X509Certificate;
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
@@ -48,7 +47,6 @@ import org.apache.cxf.sts.StaticSTSProperties;
 import org.apache.cxf.sts.common.PasswordCallbackHandler;
 import org.apache.cxf.sts.service.ServiceMBean;
 import org.apache.cxf.sts.service.StaticService;
-import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider;
 import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.ws.security.sts.provider.STSException;
@@ -89,11 +87,9 @@ public class IssueJWTRealmUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         JWTTokenProvider provider = new JWTTokenProvider();
         provider.setRealmMap(createRealms());
-        providerList.add(provider);
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(provider));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -162,11 +158,9 @@ public class IssueJWTRealmUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         JWTTokenProvider provider = new JWTTokenProvider();
         provider.setRealmMap(createRealms());
-        providerList.add(provider);
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(provider));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -235,11 +229,9 @@ public class IssueJWTRealmUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         JWTTokenProvider provider = new JWTTokenProvider();
         provider.setRealmMap(createRealms());
-        providerList.add(provider);
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(provider));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -310,11 +302,9 @@ public class IssueJWTRealmUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         JWTTokenProvider provider = new JWTTokenProvider();
         provider.setRealmMap(createRealms());
-        providerList.add(provider);
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(provider));
 
         // Add Service
         ServiceMBean service = new StaticService();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTUnitTest.java
index 3dd6ea6..a6c896b 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueJWTUnitTest.java
@@ -20,7 +20,6 @@ package org.apache.cxf.sts.operation;
 
 import java.security.Principal;
 import java.security.cert.X509Certificate;
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
 import java.util.Properties;
@@ -47,7 +46,6 @@ import org.apache.cxf.sts.cache.DefaultInMemoryTokenStore;
 import org.apache.cxf.sts.common.PasswordCallbackHandler;
 import org.apache.cxf.sts.service.ServiceMBean;
 import org.apache.cxf.sts.service.StaticService;
-import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
@@ -96,9 +94,8 @@ public class IssueJWTUnitTest {
         issueOperation.setTokenStore(tokenStore);
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new JWTTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new JWTTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueOnbehalfofUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueOnbehalfofUnitTest.java
index c67f65e..a3f88a4 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueOnbehalfofUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueOnbehalfofUnitTest.java
@@ -20,7 +20,6 @@ package org.apache.cxf.sts.operation;
 
 import java.security.Principal;
 import java.security.cert.X509Certificate;
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
@@ -58,15 +57,12 @@ import org.apache.cxf.sts.token.delegation.HOKDelegationHandler;
 import org.apache.cxf.sts.token.delegation.SAMLDelegationHandler;
 import org.apache.cxf.sts.token.delegation.TokenDelegationHandler;
 import org.apache.cxf.sts.token.delegation.UsernameTokenDelegationHandler;
-import org.apache.cxf.sts.token.provider.AttributeStatementProvider;
 import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
-import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
 import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.sts.token.validator.IssuerSAMLRealmCodec;
 import org.apache.cxf.sts.token.validator.SAMLTokenValidator;
-import org.apache.cxf.sts.token.validator.TokenValidator;
 import org.apache.cxf.sts.token.validator.UsernameTokenValidator;
 import org.apache.cxf.ws.security.sts.provider.STSException;
 import org.apache.cxf.ws.security.sts.provider.model.ClaimsType;
@@ -110,14 +106,12 @@ public class IssueOnbehalfofUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SAMLTokenValidator());
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(
+            new SAMLTokenValidator()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -181,14 +175,12 @@ public class IssueOnbehalfofUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SAMLTokenValidator());
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(
+            new SAMLTokenValidator()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -252,14 +244,12 @@ public class IssueOnbehalfofUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SAMLTokenValidator());
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(
+            new SAMLTokenValidator()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -333,14 +323,12 @@ public class IssueOnbehalfofUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SAMLTokenValidator());
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(
+            new SAMLTokenValidator()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -414,14 +402,12 @@ public class IssueOnbehalfofUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SAMLTokenValidator());
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(
+            new SAMLTokenValidator()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -495,14 +481,12 @@ public class IssueOnbehalfofUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SAMLTokenValidator());
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(
+            new SAMLTokenValidator()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -578,14 +562,12 @@ public class IssueOnbehalfofUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SAMLTokenValidator());
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(
+            new SAMLTokenValidator()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -656,14 +638,12 @@ public class IssueOnbehalfofUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SAMLTokenValidator());
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(
+            new SAMLTokenValidator()));
 
         TokenDelegationHandler delegationHandler = new SAMLDelegationHandler();
         issueOperation.setDelegationHandlers(Collections.singletonList(delegationHandler));
@@ -732,14 +712,12 @@ public class IssueOnbehalfofUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new UsernameTokenValidator());
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(
+            new UsernameTokenValidator()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -810,14 +788,12 @@ public class IssueOnbehalfofUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new UsernameTokenValidator());
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(
+            new UsernameTokenValidator()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -882,20 +858,16 @@ public class IssueOnbehalfofUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
-        providerList.add(samlTokenProvider);
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(samlTokenProvider));
 
         TokenDelegationHandler delegationHandler = new SAMLDelegationHandler();
         issueOperation.setDelegationHandlers(Collections.singletonList(delegationHandler));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
         SAMLTokenValidator samlTokenValidator = new SAMLTokenValidator();
         samlTokenValidator.setSamlRealmCodec(new IssuerSAMLRealmCodec());
-        validatorList.add(samlTokenValidator);
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(samlTokenValidator));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -992,14 +964,12 @@ public class IssueOnbehalfofUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SAMLTokenValidator());
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(
+            new SAMLTokenValidator()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -1089,19 +1059,14 @@ public class IssueOnbehalfofUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        List<AttributeStatementProvider> customProviderList =
-            new ArrayList<>();
-        customProviderList.add(new ClaimsAttributeStatementProvider());
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
-        samlTokenProvider.setAttributeStatementProviders(customProviderList);
-        providerList.add(samlTokenProvider);
-        issueOperation.setTokenProviders(providerList);
+        samlTokenProvider.setAttributeStatementProviders(Collections.singletonList(
+            new ClaimsAttributeStatementProvider()));
+        issueOperation.setTokenProviders(Collections.singletonList(samlTokenProvider));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SAMLTokenValidator());
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(
+            new SAMLTokenValidator()));
 
         // Add Service
         ServiceMBean service = new StaticService();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSCTUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSCTUnitTest.java
index e5fb9f4..4d688f2 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSCTUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSCTUnitTest.java
@@ -19,7 +19,6 @@
 package org.apache.cxf.sts.operation;
 
 import java.security.Principal;
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
 import java.util.Properties;
@@ -44,7 +43,6 @@ import org.apache.cxf.sts.service.EncryptionProperties;
 import org.apache.cxf.sts.service.ServiceMBean;
 import org.apache.cxf.sts.service.StaticService;
 import org.apache.cxf.sts.token.provider.SCTProvider;
-import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.test.TestUtilities;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
@@ -99,9 +97,8 @@ public class IssueSCTUnitTest {
         issueOperation.setTokenStore(tokenStore);
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SCTProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SCTProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -172,9 +169,8 @@ public class IssueSCTUnitTest {
         issueOperation.setEncryptIssuedToken(true);
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SCTProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SCTProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -251,9 +247,8 @@ public class IssueSCTUnitTest {
         issueOperation.setReturnReferences(false);
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SCTProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SCTProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java
index 5683ed8..b53892b 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlClaimsUnitTest.java
@@ -20,7 +20,6 @@ package org.apache.cxf.sts.operation;
 
 import java.net.URI;
 import java.security.Principal;
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
@@ -62,16 +61,13 @@ import org.apache.cxf.sts.service.ServiceMBean;
 import org.apache.cxf.sts.service.StaticService;
 import org.apache.cxf.sts.token.delegation.SAMLDelegationHandler;
 import org.apache.cxf.sts.token.delegation.TokenDelegationHandler;
-import org.apache.cxf.sts.token.provider.AttributeStatementProvider;
 import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
-import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
 import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.sts.token.realm.Relationship;
 import org.apache.cxf.sts.token.validator.IssuerSAMLRealmCodec;
 import org.apache.cxf.sts.token.validator.SAMLTokenValidator;
-import org.apache.cxf.sts.token.validator.TokenValidator;
 import org.apache.cxf.ws.security.sts.provider.model.ClaimsType;
 import org.apache.cxf.ws.security.sts.provider.model.OnBehalfOfType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType;
@@ -391,16 +387,11 @@ public class IssueSamlClaimsUnitTest {
     /**
      * @param issueOperation
      */
-    private void addTokenProvider(TokenIssueOperation issueOperation) {
-        List<TokenProvider> providerList = new ArrayList<>();
-
-        List<AttributeStatementProvider> customProviderList =
-            new ArrayList<>();
-        customProviderList.add(new CustomAttributeProvider());
+    private static void addTokenProvider(TokenIssueOperation issueOperation) {
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
-        samlTokenProvider.setAttributeStatementProviders(customProviderList);
-        providerList.add(samlTokenProvider);
-        issueOperation.setTokenProviders(providerList);
+        samlTokenProvider.setAttributeStatementProviders(Collections.singletonList(
+            new CustomAttributeProvider()));
+        issueOperation.setTokenProviders(Collections.singletonList(samlTokenProvider));
     }
 
     /**
@@ -485,39 +476,32 @@ public class IssueSamlClaimsUnitTest {
         Map<String, RealmProperties> realms = createSamlRealms();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
         samlTokenProvider.setRealmMap(realms);
-        List<AttributeStatementProvider> customProviderList =
-            new ArrayList<>();
-        customProviderList.add(new ClaimsAttributeStatementProvider());
-        samlTokenProvider.setAttributeStatementProviders(customProviderList);
-        providerList.add(samlTokenProvider);
-        issueOperation.setTokenProviders(providerList);
+        samlTokenProvider.setAttributeStatementProviders(Collections.singletonList(
+            new ClaimsAttributeStatementProvider()));
+        issueOperation.setTokenProviders(Collections.singletonList(samlTokenProvider));
 
         TokenDelegationHandler delegationHandler = new SAMLDelegationHandler();
         issueOperation.setDelegationHandlers(Collections.singletonList(delegationHandler));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
         SAMLTokenValidator samlTokenValidator = new SAMLTokenValidator();
         samlTokenValidator.setSamlRealmCodec(new IssuerSAMLRealmCodec());
-        validatorList.add(samlTokenValidator);
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(
+            samlTokenValidator));
 
         addService(issueOperation);
 
         // Add Relationship list
-        List<Relationship> relationshipList = new ArrayList<>();
         Relationship rs = createRelationship();
-        relationshipList.add(rs);
 
         // Add STSProperties object
         Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
         STSPropertiesMBean stsProperties = createSTSPropertiesMBean(crypto);
         stsProperties.setRealmParser(new CustomRealmParser());
         stsProperties.setIdentityMapper(new CustomIdentityMapper());
-        stsProperties.setRelationships(relationshipList);
+        stsProperties.setRelationships(Collections.singletonList(rs));
         issueOperation.setStsProperties(stsProperties);
 
         // Set the ClaimsManager
@@ -632,34 +616,26 @@ public class IssueSamlClaimsUnitTest {
         Map<String, RealmProperties> realms = createSamlRealms();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
         samlTokenProvider.setRealmMap(realms);
-        List<AttributeStatementProvider> customProviderList =
-            new ArrayList<>();
-        customProviderList.add(new ClaimsAttributeStatementProvider());
-        samlTokenProvider.setAttributeStatementProviders(customProviderList);
-        providerList.add(samlTokenProvider);
-        issueOperation.setTokenProviders(providerList);
+        samlTokenProvider.setAttributeStatementProviders(Collections.singletonList(
+            new ClaimsAttributeStatementProvider()));
+        issueOperation.setTokenProviders(Collections.singletonList(samlTokenProvider));
 
         TokenDelegationHandler delegationHandler = new SAMLDelegationHandler();
         issueOperation.setDelegationHandlers(Collections.singletonList(delegationHandler));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
         SAMLTokenValidator samlTokenValidator = new SAMLTokenValidator();
         samlTokenValidator.setSamlRealmCodec(new IssuerSAMLRealmCodec());
-        validatorList.add(samlTokenValidator);
-        issueOperation.setTokenValidators(validatorList);
+        issueOperation.setTokenValidators(Collections.singletonList(samlTokenValidator));
 
         addService(issueOperation);
 
         // Add Relationship list
-        List<Relationship> relationshipList = new ArrayList<>();
         Relationship rs = createRelationship();
         rs.setType(Relationship.FED_TYPE_IDENTITY);
         rs.setIdentityMapper(new CustomIdentityMapper());
-        relationshipList.add(rs);
 
         // Add STSProperties object
         Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
@@ -669,7 +645,7 @@ public class IssueSamlClaimsUnitTest {
         if (useGlobalIdentityMapper) {
             stsProperties.setIdentityMapper(new CustomIdentityMapper());
         } else {
-            stsProperties.setRelationships(relationshipList);
+            stsProperties.setRelationships(Collections.singletonList(rs));
         }
 
         issueOperation.setStsProperties(stsProperties);
@@ -907,10 +883,8 @@ public class IssueSamlClaimsUnitTest {
 
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
         samlTokenProvider.setRealmMap(realms);
-        List<AttributeStatementProvider> customProviderList =
-            new ArrayList<>();
-        customProviderList.add(new ClaimsAttributeStatementProvider());
-        samlTokenProvider.setAttributeStatementProviders(customProviderList);
+        samlTokenProvider.setAttributeStatementProviders(Collections.singletonList(
+            new ClaimsAttributeStatementProvider()));
 
         TokenProviderParameters providerParameters =
             createProviderParameters(
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlRealmUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlRealmUnitTest.java
index 4a937e5..9a01668 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlRealmUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlRealmUnitTest.java
@@ -19,7 +19,6 @@
 package org.apache.cxf.sts.operation;
 
 import java.security.Principal;
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.List;
@@ -44,7 +43,6 @@ import org.apache.cxf.sts.common.PasswordCallbackHandler;
 import org.apache.cxf.sts.service.ServiceMBean;
 import org.apache.cxf.sts.service.StaticService;
 import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
-import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.test.TestUtilities;
 import org.apache.cxf.ws.security.sts.provider.STSException;
@@ -83,11 +81,9 @@ public class IssueSamlRealmUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         SAMLTokenProvider provider = new SAMLTokenProvider();
         provider.setRealmMap(createRealms());
-        providerList.add(provider);
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(provider));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -159,11 +155,9 @@ public class IssueSamlRealmUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         SAMLTokenProvider provider = new SAMLTokenProvider();
         provider.setRealmMap(createRealms());
-        providerList.add(provider);
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(provider));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -235,11 +229,9 @@ public class IssueSamlRealmUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         SAMLTokenProvider provider = new SAMLTokenProvider();
         provider.setRealmMap(createRealms());
-        providerList.add(provider);
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(provider));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -313,11 +305,9 @@ public class IssueSamlRealmUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         SAMLTokenProvider provider = new SAMLTokenProvider();
         provider.setRealmMap(createRealms());
-        providerList.add(provider);
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(provider));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -412,11 +402,9 @@ public class IssueSamlRealmUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         SAMLTokenProvider provider = new SAMLTokenProvider();
         provider.setRealmMap(createRealms());
-        providerList.add(provider);
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(provider));
 
         // Add Service
         ServiceMBean service = new StaticService();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
index ca8f151..f97f9a0 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueSamlUnitTest.java
@@ -20,7 +20,7 @@ package org.apache.cxf.sts.operation;
 
 import java.security.Principal;
 import java.security.cert.X509Certificate;
-import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Base64;
 import java.util.Collections;
 import java.util.List;
@@ -49,7 +49,6 @@ import org.apache.cxf.sts.service.EncryptionProperties;
 import org.apache.cxf.sts.service.ServiceMBean;
 import org.apache.cxf.sts.service.StaticService;
 import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
-import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.test.TestUtilities;
 import org.apache.cxf.ws.security.sts.provider.STSException;
 import org.apache.cxf.ws.security.sts.provider.model.BinarySecretType;
@@ -114,9 +113,8 @@ public class IssueSamlUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -186,9 +184,8 @@ public class IssueSamlUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -259,9 +256,8 @@ public class IssueSamlUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -331,9 +327,8 @@ public class IssueSamlUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -434,9 +429,8 @@ public class IssueSamlUnitTest {
         issueOperation.setEncryptIssuedToken(true);
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -511,9 +505,8 @@ public class IssueSamlUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -602,9 +595,8 @@ public class IssueSamlUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -700,9 +692,8 @@ public class IssueSamlUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -792,9 +783,8 @@ public class IssueSamlUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -913,9 +903,8 @@ public class IssueSamlUnitTest {
         issueOperation.setReturnReferences(false);
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -980,9 +969,8 @@ public class IssueSamlUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -1000,10 +988,9 @@ public class IssueSamlUnitTest {
         stsProperties.setIssuer("STS");
 
         SignatureProperties sigProperties = new SignatureProperties();
-        List<String> acceptedC14nAlgorithms = new ArrayList<>();
-        acceptedC14nAlgorithms.add(WSS4JConstants.C14N_EXCL_OMIT_COMMENTS);
-        acceptedC14nAlgorithms.add(WSS4JConstants.C14N_EXCL_WITH_COMMENTS);
-        sigProperties.setAcceptedC14nAlgorithms(acceptedC14nAlgorithms);
+        sigProperties.setAcceptedC14nAlgorithms(Arrays.asList(
+            WSS4JConstants.C14N_EXCL_OMIT_COMMENTS,
+            WSS4JConstants.C14N_EXCL_WITH_COMMENTS));
         stsProperties.setSignatureProperties(sigProperties);
 
         issueOperation.setStsProperties(stsProperties);
@@ -1070,9 +1057,8 @@ public class IssueSamlUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -1090,11 +1076,10 @@ public class IssueSamlUnitTest {
         stsProperties.setIssuer("STS");
 
         SignatureProperties sigProperties = new SignatureProperties();
-        List<String> acceptedSignatureAlgorithms = new ArrayList<>();
-        String signatureAlgorithm = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
-        acceptedSignatureAlgorithms.add(signatureAlgorithm);
-        acceptedSignatureAlgorithms.add(WSS4JConstants.RSA_SHA1);
-        sigProperties.setAcceptedSignatureAlgorithms(acceptedSignatureAlgorithms);
+        final String signatureAlgorithm = WSS4JConstants.RSA_SHA256;
+        sigProperties.setAcceptedSignatureAlgorithms(Arrays.asList(
+            signatureAlgorithm,
+            WSS4JConstants.RSA_SHA1));
         stsProperties.setSignatureProperties(sigProperties);
 
         issueOperation.setStsProperties(stsProperties);
@@ -1157,9 +1142,8 @@ public class IssueSamlUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -1263,9 +1247,8 @@ public class IssueSamlUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -1355,9 +1338,8 @@ public class IssueSamlUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueUnitTest.java
index e1a1e65..5af2c9c 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/IssueUnitTest.java
@@ -20,7 +20,6 @@ package org.apache.cxf.sts.operation;
 
 import java.time.Instant;
 import java.time.ZoneOffset;
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
 
@@ -38,7 +37,6 @@ import org.apache.cxf.sts.STSPropertiesMBean;
 import org.apache.cxf.sts.StaticSTSProperties;
 import org.apache.cxf.sts.service.ServiceMBean;
 import org.apache.cxf.sts.service.StaticService;
-import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.ws.security.sts.provider.STSException;
 import org.apache.cxf.ws.security.sts.provider.model.LifetimeType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenCollectionType;
@@ -66,9 +64,8 @@ public class IssueUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new DummyTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new DummyTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -108,9 +105,8 @@ public class IssueUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new DummyTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new DummyTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -158,9 +154,8 @@ public class IssueUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new DummyTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new DummyTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -222,9 +217,8 @@ public class IssueUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new DummyTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new DummyTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -275,9 +269,8 @@ public class IssueUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new DummyTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new DummyTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -318,9 +311,8 @@ public class IssueUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new DummyTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new DummyTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -363,9 +355,8 @@ public class IssueUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new DummyTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new DummyTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -409,9 +400,8 @@ public class IssueUnitTest {
         TokenIssueOperation issueOperation = new TokenIssueOperation();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new DummyTokenProvider());
-        issueOperation.setTokenProviders(providerList);
+        issueOperation.setTokenProviders(Collections.singletonList(
+            new DummyTokenProvider()));
 
         // Add Service
         ServiceMBean service = new StaticService();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java
index 2b04461..a7949f2 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/RenewSamlUnitTest.java
@@ -21,8 +21,7 @@ package org.apache.cxf.sts.operation;
 import java.security.Principal;
 import java.time.Instant;
 import java.time.ZoneOffset;
-import java.util.ArrayList;
-import java.util.List;
+import java.util.Collections;
 import java.util.Properties;
 
 import javax.security.auth.callback.CallbackHandler;
@@ -53,7 +52,6 @@ import org.apache.cxf.sts.token.provider.TokenProviderResponse;
 import org.apache.cxf.sts.token.renewer.SAMLTokenRenewer;
 import org.apache.cxf.sts.token.renewer.TokenRenewer;
 import org.apache.cxf.sts.token.validator.SAMLTokenValidator;
-import org.apache.cxf.sts.token.validator.TokenValidator;
 import org.apache.cxf.ws.security.sts.provider.model.RenewTargetType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
@@ -99,16 +97,13 @@ public class RenewSamlUnitTest {
         renewOperation.setTokenStore(tokenStore);
 
         // Add Token Renewer
-        List<TokenRenewer> renewerList = new ArrayList<>();
         TokenRenewer tokenRenewer = new SAMLTokenRenewer();
         tokenRenewer.setVerifyProofOfPossession(false);
-        renewerList.add(tokenRenewer);
-        renewOperation.setTokenRenewers(renewerList);
+        renewOperation.setTokenRenewers(Collections.singletonList(tokenRenewer));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SAMLTokenValidator());
-        renewOperation.setTokenValidators(validatorList);
+        renewOperation.setTokenValidators(Collections.singletonList(
+            new SAMLTokenValidator()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
@@ -190,17 +185,14 @@ public class RenewSamlUnitTest {
         renewOperation.setTokenStore(tokenStore);
 
         // Add Token Renewer
-        List<TokenRenewer> renewerList = new ArrayList<>();
         TokenRenewer tokenRenewer = new SAMLTokenRenewer();
         tokenRenewer.setVerifyProofOfPossession(false);
         tokenRenewer.setAllowRenewalAfterExpiry(true);
-        renewerList.add(tokenRenewer);
-        renewOperation.setTokenRenewers(renewerList);
+        renewOperation.setTokenRenewers(Collections.singletonList(tokenRenewer));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SAMLTokenValidator());
-        renewOperation.setTokenValidators(validatorList);
+        renewOperation.setTokenValidators(Collections.singletonList(
+            new SAMLTokenValidator()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
@@ -284,17 +276,14 @@ public class RenewSamlUnitTest {
         renewOperation.setTokenStore(tokenStore);
 
         // Add Token Renewer
-        List<TokenRenewer> renewerList = new ArrayList<>();
         TokenRenewer tokenRenewer = new SAMLTokenRenewer();
         tokenRenewer.setVerifyProofOfPossession(false);
         tokenRenewer.setAllowRenewalAfterExpiry(true);
-        renewerList.add(tokenRenewer);
-        renewOperation.setTokenRenewers(renewerList);
+        renewOperation.setTokenRenewers(Collections.singletonList(tokenRenewer));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SAMLTokenValidator());
-        renewOperation.setTokenValidators(validatorList);
+        renewOperation.setTokenValidators(Collections.singletonList(
+            new SAMLTokenValidator()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
@@ -378,17 +367,14 @@ public class RenewSamlUnitTest {
         renewOperation.setTokenStore(tokenStore);
 
         // Add Token Renewer
-        List<TokenRenewer> renewerList = new ArrayList<>();
         TokenRenewer tokenRenewer = new SAMLTokenRenewer();
         tokenRenewer.setVerifyProofOfPossession(false);
         tokenRenewer.setAllowRenewalAfterExpiry(true);
-        renewerList.add(tokenRenewer);
-        renewOperation.setTokenRenewers(renewerList);
+        renewOperation.setTokenRenewers(Collections.singletonList(tokenRenewer));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SAMLTokenValidator());
-        renewOperation.setTokenValidators(validatorList);
+        renewOperation.setTokenValidators(Collections.singletonList(
+            new SAMLTokenValidator()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateJWTTransformationTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateJWTTransformationTest.java
index 9159f0c..f48834b 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateJWTTransformationTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateJWTTransformationTest.java
@@ -19,10 +19,8 @@
 package org.apache.cxf.sts.operation;
 
 import java.security.Principal;
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
-import java.util.List;
 import java.util.Map;
 import java.util.Properties;
 
@@ -55,7 +53,6 @@ import org.apache.cxf.sts.common.PasswordCallbackHandler;
 import org.apache.cxf.sts.request.KeyRequirements;
 import org.apache.cxf.sts.request.TokenRequirements;
 import org.apache.cxf.sts.service.EncryptionProperties;
-import org.apache.cxf.sts.token.provider.AttributeStatementProvider;
 import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
@@ -64,7 +61,6 @@ import org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider;
 import org.apache.cxf.sts.token.realm.JWTRealmCodec;
 import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.sts.token.validator.SAMLTokenValidator;
-import org.apache.cxf.sts.token.validator.TokenValidator;
 import org.apache.cxf.sts.token.validator.jwt.JWTTokenValidator;
 import org.apache.cxf.ws.security.sts.provider.STSException;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
@@ -100,14 +96,12 @@ public class ValidateJWTTransformationTest {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new JWTTokenValidator());
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(
+            new JWTTokenValidator()));
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        validateOperation.setTokenProviders(providerList);
+        validateOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
@@ -179,17 +173,13 @@ public class ValidateJWTTransformationTest {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
         JWTTokenValidator validator = new JWTTokenValidator();
         validator.setRealmCodec(new CustomJWTRealmCodec());
-        validatorList.add(validator);
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(validator));
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
-        providerList.add(samlTokenProvider);
-        validateOperation.setTokenProviders(providerList);
+        validateOperation.setTokenProviders(Collections.singletonList(samlTokenProvider));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
@@ -273,14 +263,12 @@ public class ValidateJWTTransformationTest {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SAMLTokenValidator());
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(
+            new SAMLTokenValidator()));
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new JWTTokenProvider());
-        validateOperation.setTokenProviders(providerList);
+        validateOperation.setTokenProviders(Collections.singletonList(
+            new JWTTokenProvider()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
@@ -471,15 +459,13 @@ public class ValidateJWTTransformationTest {
         return properties;
     }
 
-    private Element createSAMLAssertion(
+    private static Element createSAMLAssertion(
         String tokenType, Crypto crypto, String signatureUsername, CallbackHandler callbackHandler
     ) throws WSSecurityException {
 
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
-        List<AttributeStatementProvider> customProviderList =
-            new ArrayList<>();
-        customProviderList.add(new ClaimsAttributeStatementProvider());
-        samlTokenProvider.setAttributeStatementProviders(customProviderList);
+        samlTokenProvider.setAttributeStatementProviders(Collections.singletonList(
+            new ClaimsAttributeStatementProvider()));
 
         TokenProviderParameters providerParameters =
             createProviderParameters(
@@ -506,7 +492,7 @@ public class ValidateJWTTransformationTest {
         return (Element)providerResponse.getToken();
     }
 
-    private TokenProviderParameters createProviderParameters(
+    private static TokenProviderParameters createProviderParameters(
         String tokenType, String keyType, Crypto crypto,
         String signatureUsername, CallbackHandler callbackHandler
     ) throws WSSecurityException {
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateJWTUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateJWTUnitTest.java
index 28bf8e2..a23d315 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateJWTUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateJWTUnitTest.java
@@ -19,8 +19,7 @@
 package org.apache.cxf.sts.operation;
 
 import java.security.Principal;
-import java.util.ArrayList;
-import java.util.List;
+import java.util.Collections;
 import java.util.Properties;
 
 import javax.xml.bind.JAXBElement;
@@ -45,7 +44,6 @@ import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
 import org.apache.cxf.sts.token.provider.jwt.JWTTokenProvider;
-import org.apache.cxf.sts.token.validator.TokenValidator;
 import org.apache.cxf.sts.token.validator.jwt.JWTTokenValidator;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
@@ -74,9 +72,8 @@ public class ValidateJWTUnitTest {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new JWTTokenValidator());
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(
+            new JWTTokenValidator()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateSCTUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateSCTUnitTest.java
index 39ad68e..f519ba0 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateSCTUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateSCTUnitTest.java
@@ -19,8 +19,7 @@
 package org.apache.cxf.sts.operation;
 
 import java.security.Principal;
-import java.util.ArrayList;
-import java.util.List;
+import java.util.Collections;
 import java.util.Properties;
 
 import javax.xml.bind.JAXBElement;
@@ -45,7 +44,6 @@ import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
 import org.apache.cxf.sts.token.validator.SCTValidator;
-import org.apache.cxf.sts.token.validator.TokenValidator;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
 import org.apache.cxf.ws.security.sts.provider.model.StatusType;
@@ -91,9 +89,8 @@ public class ValidateSCTUnitTest {
         validateOperation.setTokenStore(tokenStore);
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SCTValidator());
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(
+            new SCTValidator()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateSamlUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateSamlUnitTest.java
index 5f5ed10..6116332 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateSamlUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateSamlUnitTest.java
@@ -19,8 +19,7 @@
 package org.apache.cxf.sts.operation;
 
 import java.security.Principal;
-import java.util.ArrayList;
-import java.util.List;
+import java.util.Collections;
 import java.util.Properties;
 
 import javax.security.auth.callback.CallbackHandler;
@@ -46,7 +45,6 @@ import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
 import org.apache.cxf.sts.token.validator.SAMLTokenValidator;
-import org.apache.cxf.sts.token.validator.TokenValidator;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
 import org.apache.cxf.ws.security.sts.provider.model.StatusType;
@@ -78,9 +76,8 @@ public class ValidateSamlUnitTest {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SAMLTokenValidator());
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(
+            new SAMLTokenValidator()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
@@ -139,9 +136,8 @@ public class ValidateSamlUnitTest {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new SAMLTokenValidator());
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(
+            new SAMLTokenValidator()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateTokenTransformationUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateTokenTransformationUnitTest.java
index 660c835..d592fdb 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateTokenTransformationUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateTokenTransformationUnitTest.java
@@ -19,10 +19,8 @@
 package org.apache.cxf.sts.operation;
 
 import java.security.Principal;
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
-import java.util.List;
 import java.util.Map;
 import java.util.Properties;
 
@@ -56,16 +54,13 @@ import org.apache.cxf.sts.request.TokenRequirements;
 import org.apache.cxf.sts.service.EncryptionProperties;
 import org.apache.cxf.sts.service.ServiceMBean;
 import org.apache.cxf.sts.service.StaticService;
-import org.apache.cxf.sts.token.provider.AttributeStatementProvider;
 import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
-import org.apache.cxf.sts.token.provider.TokenProvider;
 import org.apache.cxf.sts.token.provider.TokenProviderParameters;
 import org.apache.cxf.sts.token.provider.TokenProviderResponse;
 import org.apache.cxf.sts.token.realm.RealmProperties;
 import org.apache.cxf.sts.token.realm.Relationship;
 import org.apache.cxf.sts.token.validator.IssuerSAMLRealmCodec;
 import org.apache.cxf.sts.token.validator.SAMLTokenValidator;
-import org.apache.cxf.sts.token.validator.TokenValidator;
 import org.apache.cxf.sts.token.validator.UsernameTokenValidator;
 import org.apache.cxf.ws.security.sts.provider.STSException;
 import org.apache.cxf.ws.security.sts.provider.model.ClaimsType;
@@ -106,14 +101,12 @@ public class ValidateTokenTransformationUnitTest {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new UsernameTokenValidator());
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(
+            new UsernameTokenValidator()));
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-        providerList.add(new SAMLTokenProvider());
-        validateOperation.setTokenProviders(providerList);
+        validateOperation.setTokenProviders(Collections.singletonList(
+            new SAMLTokenProvider()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
@@ -187,17 +180,13 @@ public class ValidateTokenTransformationUnitTest {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
         UsernameTokenValidator validator = new UsernameTokenValidator();
         validator.setUsernameTokenRealmCodec(new CustomUsernameTokenRealmCodec());
-        validatorList.add(validator);
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(validator));
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
-        providerList.add(samlTokenProvider);
-        validateOperation.setTokenProviders(providerList);
+        validateOperation.setTokenProviders(Collections.singletonList(samlTokenProvider));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
@@ -331,22 +320,16 @@ public class ValidateTokenTransformationUnitTest {
         Map<String, RealmProperties> realms = createSamlRealms();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
         samlTokenProvider.setRealmMap(realms);
-        List<AttributeStatementProvider> customProviderList =
-            new ArrayList<>();
-        customProviderList.add(new ClaimsAttributeStatementProvider());
-        samlTokenProvider.setAttributeStatementProviders(customProviderList);
-        providerList.add(samlTokenProvider);
-        validateOperation.setTokenProviders(providerList);
+        samlTokenProvider.setAttributeStatementProviders(Collections.singletonList(
+            new ClaimsAttributeStatementProvider()));
+        validateOperation.setTokenProviders(Collections.singletonList(samlTokenProvider));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
         SAMLTokenValidator samlTokenValidator = new SAMLTokenValidator();
         samlTokenValidator.setSamlRealmCodec(new IssuerSAMLRealmCodec());
-        validatorList.add(samlTokenValidator);
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(samlTokenValidator));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -354,16 +337,14 @@ public class ValidateTokenTransformationUnitTest {
         validateOperation.setServices(Collections.singletonList(service));
 
         // Add Relationship list
-        List<Relationship> relationshipList = new ArrayList<>();
         Relationship rs = createRelationship();
-        relationshipList.add(rs);
 
         // Add STSProperties object
         Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
         STSPropertiesMBean stsProperties = createSTSPropertiesMBean(crypto);
         stsProperties.setRealmParser(new CustomRealmParser());
         stsProperties.setIdentityMapper(new CustomIdentityMapper());
-        stsProperties.setRelationships(relationshipList);
+        stsProperties.setRelationships(Collections.singletonList(rs));
         validateOperation.setStsProperties(stsProperties);
 
         // Set the ClaimsManager
@@ -457,20 +438,14 @@ public class ValidateTokenTransformationUnitTest {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new UsernameTokenValidator());
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(
+            new UsernameTokenValidator()));
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
-
-        List<AttributeStatementProvider> customProviderList =
-            new ArrayList<>();
-        customProviderList.add(new CustomAttributeProvider());
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
-        samlTokenProvider.setAttributeStatementProviders(customProviderList);
-        providerList.add(samlTokenProvider);
-        validateOperation.setTokenProviders(providerList);
+        samlTokenProvider.setAttributeStatementProviders(Collections.singletonList(
+            new CustomAttributeProvider()));
+        validateOperation.setTokenProviders(Collections.singletonList(samlTokenProvider));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
@@ -554,22 +529,16 @@ public class ValidateTokenTransformationUnitTest {
         Map<String, RealmProperties> realms = createSamlRealms();
 
         // Add Token Provider
-        List<TokenProvider> providerList = new ArrayList<>();
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
         samlTokenProvider.setRealmMap(realms);
-        List<AttributeStatementProvider> customProviderList =
-            new ArrayList<>();
-        customProviderList.add(new ClaimsAttributeStatementProvider());
-        samlTokenProvider.setAttributeStatementProviders(customProviderList);
-        providerList.add(samlTokenProvider);
-        validateOperation.setTokenProviders(providerList);
+        samlTokenProvider.setAttributeStatementProviders(Collections.singletonList(
+            new ClaimsAttributeStatementProvider()));
+        validateOperation.setTokenProviders(Collections.singletonList(samlTokenProvider));
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
         SAMLTokenValidator samlTokenValidator = new SAMLTokenValidator();
         samlTokenValidator.setSamlRealmCodec(new IssuerSAMLRealmCodec());
-        validatorList.add(samlTokenValidator);
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(samlTokenValidator));
 
         // Add Service
         ServiceMBean service = new StaticService();
@@ -577,11 +546,9 @@ public class ValidateTokenTransformationUnitTest {
         validateOperation.setServices(Collections.singletonList(service));
 
         // Add Relationship list
-        List<Relationship> relationshipList = new ArrayList<>();
         Relationship rs = createRelationship();
         rs.setType(Relationship.FED_TYPE_IDENTITY);
         rs.setIdentityMapper(new CustomIdentityMapper());
-        relationshipList.add(rs);
 
         // Add STSProperties object
         Crypto crypto = CryptoFactory.getInstance(getEncryptionProperties());
@@ -590,7 +557,7 @@ public class ValidateTokenTransformationUnitTest {
         if (useGlobalIdentityMapper) {
             stsProperties.setIdentityMapper(new CustomIdentityMapper());
         } else {
-            stsProperties.setRelationships(relationshipList);
+            stsProperties.setRelationships(Collections.singletonList(rs));
         }
         validateOperation.setStsProperties(stsProperties);
 
@@ -829,17 +796,15 @@ public class ValidateTokenTransformationUnitTest {
     /*
      * Mock up an SAML assertion element
      */
-    private Element createSAMLAssertion(
+    private static Element createSAMLAssertion(
             String tokenType, Crypto crypto, String signatureUsername, CallbackHandler callbackHandler,
             Map<String, RealmProperties> realms
     ) throws WSSecurityException {
 
         SAMLTokenProvider samlTokenProvider = new SAMLTokenProvider();
         samlTokenProvider.setRealmMap(realms);
-        List<AttributeStatementProvider> customProviderList =
-            new ArrayList<>();
-        customProviderList.add(new ClaimsAttributeStatementProvider());
-        samlTokenProvider.setAttributeStatementProviders(customProviderList);
+        samlTokenProvider.setAttributeStatementProviders(Collections.singletonList(
+            new ClaimsAttributeStatementProvider()));
 
         TokenProviderParameters providerParameters =
             createProviderParameters(
@@ -869,7 +834,7 @@ public class ValidateTokenTransformationUnitTest {
         return (Element)providerResponse.getToken();
     }
 
-    private TokenProviderParameters createProviderParameters(
+    private static TokenProviderParameters createProviderParameters(
             String tokenType, String keyType, Crypto crypto,
             String signatureUsername, CallbackHandler callbackHandler
     ) throws WSSecurityException {
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateUnitTest.java
index 9de5e5e..e289360 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateUnitTest.java
@@ -18,7 +18,7 @@
  */
 package org.apache.cxf.sts.operation;
 
-import java.util.ArrayList;
+import java.util.Collections;
 import java.util.List;
 
 import javax.xml.bind.JAXBElement;
@@ -30,7 +30,6 @@ import org.apache.cxf.sts.QNameConstants;
 import org.apache.cxf.sts.STSConstants;
 import org.apache.cxf.sts.STSPropertiesMBean;
 import org.apache.cxf.sts.StaticSTSProperties;
-import org.apache.cxf.sts.token.validator.TokenValidator;
 import org.apache.cxf.ws.security.sts.provider.STSException;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenCollectionType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseCollectionType;
@@ -61,9 +60,8 @@ public class ValidateUnitTest {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new DummyTokenValidator());
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(
+            new DummyTokenValidator()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
@@ -107,9 +105,8 @@ public class ValidateUnitTest {
         requestCollectionOperation.setValidateOperation(validateOperation);
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new DummyTokenValidator());
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(
+            new DummyTokenValidator()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
@@ -171,9 +168,8 @@ public class ValidateUnitTest {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new DummyTokenValidator());
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(
+            new DummyTokenValidator()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
@@ -208,9 +204,8 @@ public class ValidateUnitTest {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new DummyTokenValidator());
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(
+            new DummyTokenValidator()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
@@ -261,9 +256,8 @@ public class ValidateUnitTest {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new DummyTokenValidator());
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(
+            new DummyTokenValidator()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateUsernameTokenUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateUsernameTokenUnitTest.java
index cce8ea6..f71931d 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateUsernameTokenUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateUsernameTokenUnitTest.java
@@ -19,8 +19,7 @@
 package org.apache.cxf.sts.operation;
 
 import java.security.Principal;
-import java.util.ArrayList;
-import java.util.List;
+import java.util.Collections;
 import java.util.Properties;
 
 import javax.xml.bind.JAXBElement;
@@ -34,7 +33,6 @@ import org.apache.cxf.sts.STSConstants;
 import org.apache.cxf.sts.STSPropertiesMBean;
 import org.apache.cxf.sts.StaticSTSProperties;
 import org.apache.cxf.sts.common.PasswordCallbackHandler;
-import org.apache.cxf.sts.token.validator.TokenValidator;
 import org.apache.cxf.sts.token.validator.UsernameTokenValidator;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
@@ -69,9 +67,8 @@ public class ValidateUsernameTokenUnitTest {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new UsernameTokenValidator());
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(
+            new UsernameTokenValidator()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
@@ -126,9 +123,8 @@ public class ValidateUsernameTokenUnitTest {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new UsernameTokenValidator());
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(
+            new UsernameTokenValidator()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateX509TokenUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateX509TokenUnitTest.java
index 04da827..f143ff2 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateX509TokenUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/operation/ValidateX509TokenUnitTest.java
@@ -20,9 +20,8 @@ package org.apache.cxf.sts.operation;
 
 import java.security.Principal;
 import java.security.cert.X509Certificate;
-import java.util.ArrayList;
 import java.util.Base64;
-import java.util.List;
+import java.util.Collections;
 import java.util.Properties;
 
 import javax.xml.bind.JAXBElement;
@@ -36,7 +35,6 @@ import org.apache.cxf.sts.STSConstants;
 import org.apache.cxf.sts.STSPropertiesMBean;
 import org.apache.cxf.sts.StaticSTSProperties;
 import org.apache.cxf.sts.common.PasswordCallbackHandler;
-import org.apache.cxf.sts.token.validator.TokenValidator;
 import org.apache.cxf.sts.token.validator.X509TokenValidator;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenResponseType;
 import org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType;
@@ -70,9 +68,8 @@ public class ValidateX509TokenUnitTest {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new X509TokenValidator());
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(
+            new X509TokenValidator()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
@@ -133,9 +130,8 @@ public class ValidateX509TokenUnitTest {
         TokenValidateOperation validateOperation = new TokenValidateOperation();
 
         // Add Token Validator
-        List<TokenValidator> validatorList = new ArrayList<>();
-        validatorList.add(new X509TokenValidator());
-        validateOperation.setTokenValidators(validatorList);
+        validateOperation.setTokenValidators(Collections.singletonList(
+            new X509TokenValidator()));
 
         // Add STSProperties object
         STSPropertiesMBean stsProperties = new StaticSTSProperties();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/request/RequestParserUnitTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/request/RequestParserUnitTest.java
index 5117c34..2110a4e 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/request/RequestParserUnitTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/request/RequestParserUnitTest.java
@@ -19,8 +19,7 @@
 package org.apache.cxf.sts.request;
 
 import java.io.StringReader;
-import java.util.ArrayList;
-import java.util.List;
+import java.util.Collections;
 import java.util.Properties;
 
 import javax.xml.bind.JAXBContext;
@@ -144,9 +143,7 @@ public class RequestParserUnitTest {
 
         WSHandlerResult results =
             securityEngine.processSecurityHeader(secHeaderElement, reqData);
-        List<WSHandlerResult> resultsList = new ArrayList<>();
-        resultsList.add(results);
-        msgContext.put(WSHandlerConstants.RECV_RESULTS, resultsList);
+        msgContext.put(WSHandlerConstants.RECV_RESULTS, Collections.singletonList(results));
 
         RequestRequirements requestRequirements = parser.parseRequest(request, msgContext, null, null);
 
@@ -174,9 +171,7 @@ public class RequestParserUnitTest {
 
         WSHandlerResult results =
             securityEngine.processSecurityHeader(secHeaderElement, reqData);
-        List<WSHandlerResult> resultsList = new ArrayList<>();
-        resultsList.add(results);
-        msgContext.put(WSHandlerConstants.RECV_RESULTS, resultsList);
+        msgContext.put(WSHandlerConstants.RECV_RESULTS, Collections.singletonList(results));
 
         RequestRequirements requestRequirements = parser.parseRequest(request, msgContext, null, null);
 
@@ -205,9 +200,7 @@ public class RequestParserUnitTest {
 
         WSHandlerResult results =
             securityEngine.processSecurityHeader(secHeaderElement, reqData);
-        List<WSHandlerResult> resultsList = new ArrayList<>();
-        resultsList.add(results);
-        msgContext.put(WSHandlerConstants.RECV_RESULTS, resultsList);
+        msgContext.put(WSHandlerConstants.RECV_RESULTS, Collections.singletonList(results));
 
         RequestRequirements requestRequirements = parser.parseRequest(request, msgContext, null, null);
 
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java
index f37605a..cb41395 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLClaimsTest.java
@@ -18,7 +18,6 @@
  */
 package org.apache.cxf.sts.token.provider;
 
-import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.HashMap;
@@ -261,9 +260,7 @@ public class SAMLClaimsTest {
         staticClaims.put(APPLICATION_APPLIES_TO, endpointClaimsMap);
         claimsHandler.setEndpointClaims(staticClaims);
 
-        List<String> supportedClaims = new ArrayList<>();
-        supportedClaims.add(CLAIM_APPLICATION);
-        claimsHandler.setSupportedClaims(supportedClaims);
+        claimsHandler.setSupportedClaims(Collections.singletonList(CLAIM_APPLICATION));
 
         claimsManager.setClaimHandlers(Collections.singletonList((ClaimsHandler)claimsHandler));
         providerParameters.setClaimsManager(claimsManager);
@@ -316,9 +313,7 @@ public class SAMLClaimsTest {
         staticClaims.put(APPLICATION_APPLIES_TO, endpointClaimsMap);
         claimsHandler.setEndpointClaims(staticClaims);
 
-        List<String> supportedClaims = new ArrayList<>();
-        supportedClaims.add(CLAIM_APPLICATION);
-        claimsHandler.setSupportedClaims(supportedClaims);
+        claimsHandler.setSupportedClaims(Collections.singletonList(CLAIM_APPLICATION));
 
         claimsManager.setClaimHandlers(Collections.singletonList((ClaimsHandler)claimsHandler));
         providerParameters.setClaimsManager(claimsManager);
@@ -387,7 +382,7 @@ public class SAMLClaimsTest {
         ClaimsHandler claimsHandler = new CustomClaimsHandler();
         ClaimsHandler claimsHandler2 = new CustomClaimsHandler();
         ((CustomClaimsHandler) claimsHandler2).setRole("CustomRole");
-        claimsManager.setClaimHandlers(new ArrayList<ClaimsHandler>(Arrays.asList(claimsHandler, claimsHandler2)));
+        claimsManager.setClaimHandlers(Arrays.asList(claimsHandler, claimsHandler2));
         providerParameters.setClaimsManager(claimsManager);
 
         ClaimCollection claims = new ClaimCollection();
@@ -431,7 +426,7 @@ public class SAMLClaimsTest {
         ClaimsHandler claimsHandler = new CustomClaimsHandler();
         ClaimsHandler claimsHandler2 = new CustomClaimsHandler();
         ((CustomClaimsHandler) claimsHandler2).setRole("CustomRole");
-        claimsManager.setClaimHandlers(new ArrayList<ClaimsHandler>(Arrays.asList(claimsHandler, claimsHandler2)));
+        claimsManager.setClaimHandlers(Arrays.asList(claimsHandler, claimsHandler2));
         providerParameters.setClaimsManager(claimsManager);
 
         ClaimCollection claims = new ClaimCollection();
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderActAsTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderActAsTest.java
index 2d365c7..243a167 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderActAsTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderActAsTest.java
@@ -18,7 +18,6 @@
  */
 package org.apache.cxf.sts.token.provider;
 
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
 import java.util.Properties;
@@ -207,8 +206,7 @@ public class SAMLProviderActAsTest {
 
         assertFalse(tokenString.contains("CustomActAs"));
 
-        List<AttributeStatementProvider> customProviderList = new ArrayList<>();
-        customProviderList.add(new CustomAttributeProvider());
+        List<AttributeStatementProvider> customProviderList = Collections.singletonList(new CustomAttributeProvider());
         ((SAMLTokenProvider)samlTokenProvider).setAttributeStatementProviders(customProviderList);
 
         providerResponse = samlTokenProvider.createToken(providerParameters);
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderCustomTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderCustomTest.java
index 238fa98..1092d66 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderCustomTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderCustomTest.java
@@ -18,7 +18,8 @@
  */
 package org.apache.cxf.sts.token.provider;
 
-import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
 import java.util.List;
 import java.util.Properties;
 
@@ -60,8 +61,7 @@ public class SAMLProviderCustomTest {
         TokenProviderParameters providerParameters =
             createProviderParameters(WSS4JConstants.WSS_SAML_TOKEN_TYPE, STSConstants.BEARER_KEY_KEYTYPE);
 
-        List<AttributeStatementProvider> customProviderList = new ArrayList<>();
-        customProviderList.add(new CustomAttributeProvider());
+        List<AttributeStatementProvider> customProviderList = Collections.singletonList(new CustomAttributeProvider());
         ((SAMLTokenProvider)samlTokenProvider).setAttributeStatementProviders(customProviderList);
 
         assertTrue(samlTokenProvider.canHandleToken(WSS4JConstants.WSS_SAML_TOKEN_TYPE));
@@ -87,9 +87,8 @@ public class SAMLProviderCustomTest {
         TokenProviderParameters providerParameters =
             createProviderParameters(WSS4JConstants.WSS_SAML2_TOKEN_TYPE, STSConstants.BEARER_KEY_KEYTYPE);
 
-        List<AuthenticationStatementProvider> customProviderList =
-            new ArrayList<>();
-        customProviderList.add(new CustomAuthenticationProvider());
+        List<AuthenticationStatementProvider> customProviderList = Collections.singletonList(
+            new CustomAuthenticationProvider());
         ((SAMLTokenProvider)samlTokenProvider).setAuthenticationStatementProviders(customProviderList);
 
         assertTrue(samlTokenProvider.canHandleToken(WSS4JConstants.WSS_SAML2_TOKEN_TYPE));
@@ -115,9 +114,8 @@ public class SAMLProviderCustomTest {
         TokenProviderParameters providerParameters =
             createProviderParameters(WSS4JConstants.WSS_SAML_TOKEN_TYPE, STSConstants.BEARER_KEY_KEYTYPE);
 
-        List<AuthenticationStatementProvider> customProviderList =
-            new ArrayList<>();
-        customProviderList.add(new CustomAuthenticationProvider());
+        List<AuthenticationStatementProvider> customProviderList = Collections.singletonList(
+            new CustomAuthenticationProvider());
         ((SAMLTokenProvider)samlTokenProvider).setAuthenticationStatementProviders(customProviderList);
 
         assertTrue(samlTokenProvider.canHandleToken(WSS4JConstants.WSS_SAML_TOKEN_TYPE));
@@ -143,14 +141,12 @@ public class SAMLProviderCustomTest {
         TokenProviderParameters providerParameters =
             createProviderParameters(WSS4JConstants.WSS_SAML2_TOKEN_TYPE, STSConstants.BEARER_KEY_KEYTYPE);
 
-        List<AuthenticationStatementProvider> customProviderList =
-            new ArrayList<>();
-        customProviderList.add(new CustomAuthenticationProvider());
+        List<AuthenticationStatementProvider> customProviderList = Collections.singletonList(
+            new CustomAuthenticationProvider());
         ((SAMLTokenProvider)samlTokenProvider).setAuthenticationStatementProviders(customProviderList);
 
-        List<AttributeStatementProvider> customAttributeProviderList =
-            new ArrayList<>();
-        customAttributeProviderList.add(new CustomAttributeProvider());
+        List<AttributeStatementProvider> customAttributeProviderList = Collections.singletonList(
+            new CustomAttributeProvider());
         ((SAMLTokenProvider)samlTokenProvider).setAttributeStatementProviders(customAttributeProviderList);
 
         assertTrue(samlTokenProvider.canHandleToken(WSS4JConstants.WSS_SAML2_TOKEN_TYPE));
@@ -175,9 +171,9 @@ public class SAMLProviderCustomTest {
         TokenProviderParameters providerParameters =
             createProviderParameters(WSS4JConstants.WSS_SAML_TOKEN_TYPE, STSConstants.BEARER_KEY_KEYTYPE);
 
-        List<AttributeStatementProvider> customProviderList = new ArrayList<>();
-        customProviderList.add(new CustomAttributeProvider());
-        customProviderList.add(new CustomAttributeProvider());
+        List<AttributeStatementProvider> customProviderList = Arrays.asList(
+            new CustomAttributeProvider(),
+            new CustomAttributeProvider());
         ((SAMLTokenProvider)samlTokenProvider).setAttributeStatementProviders(customProviderList);
 
         assertTrue(samlTokenProvider.canHandleToken(WSS4JConstants.WSS_SAML_TOKEN_TYPE));
@@ -203,9 +199,8 @@ public class SAMLProviderCustomTest {
         TokenProviderParameters providerParameters =
             createProviderParameters(WSS4JConstants.WSS_SAML2_TOKEN_TYPE, STSConstants.BEARER_KEY_KEYTYPE);
 
-        List<AuthDecisionStatementProvider> customProviderList =
-            new ArrayList<>();
-        customProviderList.add(new CustomAuthDecisionProvider());
+        List<AuthDecisionStatementProvider> customProviderList = Collections.singletonList(
+            new CustomAuthDecisionProvider());
         ((SAMLTokenProvider)samlTokenProvider).setAuthDecisionStatementProviders(customProviderList);
 
         assertTrue(samlTokenProvider.canHandleToken(WSS4JConstants.WSS_SAML2_TOKEN_TYPE));
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderKeyTypeTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderKeyTypeTest.java
index bba434e..fcbd0b0 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderKeyTypeTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderKeyTypeTest.java
@@ -19,8 +19,7 @@
 package org.apache.cxf.sts.token.provider;
 
 import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.List;
+import java.util.Arrays;
 import java.util.Properties;
 
 import org.w3c.dom.Element;
@@ -486,10 +485,9 @@ public class SAMLProviderKeyTypeTest {
 
         STSPropertiesMBean stsProperties = providerParameters.getStsProperties();
         SignatureProperties sigProperties = new SignatureProperties();
-        List<String> acceptedC14nAlgorithms = new ArrayList<>();
-        acceptedC14nAlgorithms.add(WSS4JConstants.C14N_EXCL_OMIT_COMMENTS);
-        acceptedC14nAlgorithms.add(WSS4JConstants.C14N_EXCL_WITH_COMMENTS);
-        sigProperties.setAcceptedC14nAlgorithms(acceptedC14nAlgorithms);
+        sigProperties.setAcceptedC14nAlgorithms(Arrays.asList(
+            WSS4JConstants.C14N_EXCL_OMIT_COMMENTS,
+            WSS4JConstants.C14N_EXCL_WITH_COMMENTS));
         stsProperties.setSignatureProperties(sigProperties);
 
         // This will succeed as the requested c14n algorithm is accepted
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderOnBehalfOfTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderOnBehalfOfTest.java
index 1e1911b..58491c8 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderOnBehalfOfTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/provider/SAMLProviderOnBehalfOfTest.java
@@ -18,7 +18,7 @@
  */
 package org.apache.cxf.sts.token.provider;
 
-import java.util.ArrayList;
+import java.util.Collections;
 import java.util.List;
 import java.util.Properties;
 
@@ -160,8 +160,7 @@ public class SAMLProviderOnBehalfOfTest {
 
         assertFalse(tokenString.contains("CustomOnBehalfOf"));
 
-        List<AttributeStatementProvider> customProviderList = new ArrayList<>();
-        customProviderList.add(new CustomAttributeProvider());
+        List<AttributeStatementProvider> customProviderList = Collections.singletonList(new CustomAttributeProvider());
         ((SAMLTokenProvider)samlTokenProvider).setAttributeStatementProviders(customProviderList);
 
         providerResponse = samlTokenProvider.createToken(providerParameters);
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/realm/RealmSupportTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/realm/RealmSupportTest.java
index 3c5f7fe..bf5caf0 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/realm/RealmSupportTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/realm/RealmSupportTest.java
@@ -20,13 +20,11 @@
 package org.apache.cxf.sts.token.realm;
 
 import java.net.URI;
-import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Collections;
-import java.util.List;
 
 import org.apache.cxf.rt.security.claims.Claim;
 import org.apache.cxf.rt.security.claims.ClaimCollection;
-import org.apache.cxf.sts.claims.ClaimsHandler;
 import org.apache.cxf.sts.claims.ClaimsManager;
 import org.apache.cxf.sts.claims.ClaimsParameters;
 import org.apache.cxf.sts.claims.ProcessedClaimCollection;
@@ -58,11 +56,10 @@ public class RealmSupportTest {
         realmCHandler.setRealm("B");
         realmCHandler.setSupportedClaimTypes(Collections.singletonList("Claim-C"));
 
-        List<ClaimsHandler> claimHandlers = new ArrayList<>();
-        claimHandlers.add(realmAHandler);
-        claimHandlers.add(realmBHandler);
-        claimHandlers.add(realmCHandler);
-        claimsManager.setClaimHandlers(Collections.unmodifiableList(claimHandlers));
+        claimsManager.setClaimHandlers(Arrays.asList(
+            realmAHandler,
+            realmBHandler,
+            realmCHandler));
 
         ClaimCollection requestedClaims = createClaimCollection();
 
@@ -92,11 +89,10 @@ public class RealmSupportTest {
         realmCHandler.setRealm("B");
         realmCHandler.setSupportedClaimTypes(Collections.singletonList("Claim-C"));
 
-        List<ClaimsHandler> claimHandlers = new ArrayList<>();
-        claimHandlers.add(realmAHandler);
-        claimHandlers.add(realmBHandler);
-        claimHandlers.add(realmCHandler);
-        claimsManager.setClaimHandlers(Collections.unmodifiableList(claimHandlers));
+        claimsManager.setClaimHandlers(Arrays.asList(
+            realmAHandler,
+            realmBHandler,
+            realmCHandler));
 
         ClaimCollection requestedClaims = createClaimCollection();
 
@@ -127,11 +123,10 @@ public class RealmSupportTest {
         realmCHandler.setSupportedRealms(Collections.singletonList("A"));
         realmCHandler.setSupportedClaimTypes(Collections.singletonList("Claim-C"));
 
-        List<ClaimsHandler> claimHandlers = new ArrayList<>();
-        claimHandlers.add(realmAHandler);
-        claimHandlers.add(realmBHandler);
-        claimHandlers.add(realmCHandler);
-        claimsManager.setClaimHandlers(Collections.unmodifiableList(claimHandlers));
+        claimsManager.setClaimHandlers(Arrays.asList(
+            realmAHandler,
+            realmBHandler,
+            realmCHandler));
 
         ClaimCollection requestedClaims = createClaimCollection();
 
@@ -166,11 +161,10 @@ public class RealmSupportTest {
         realmCHandler.setSupportedRealms(Collections.singletonList("A"));
         realmCHandler.setSupportedClaimTypes(Collections.singletonList("Claim-C"));
 
-        List<ClaimsHandler> claimHandlers = new ArrayList<>();
-        claimHandlers.add(realmAHandler);
-        claimHandlers.add(realmBHandler);
-        claimHandlers.add(realmCHandler);
-        claimsManager.setClaimHandlers(Collections.unmodifiableList(claimHandlers));
+        claimsManager.setClaimHandlers(Arrays.asList(
+            realmAHandler,
+            realmBHandler,
+            realmCHandler));
 
         ClaimCollection requestedClaims = createClaimCollection();
 
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java
index e51c2d3..a6b5efe 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/renewer/SAMLTokenRenewerPOPTest.java
@@ -20,7 +20,6 @@ package org.apache.cxf.sts.token.renewer;
 
 import java.time.Instant;
 import java.time.ZoneOffset;
-import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
 import java.util.Map;
@@ -138,23 +137,20 @@ public class SAMLTokenRenewerPOPTest {
             // expected
         }
 
-        List<WSSecurityEngineResult> signedResults = new ArrayList<>();
         WSSecurityEngineResult signedResult = new WSSecurityEngineResult(WSConstants.SIGN);
         CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
         cryptoType.setAlias("myclientkey");
         signedResult.put(
             WSSecurityEngineResult.TAG_X509_CERTIFICATES, crypto.getX509Certificates(cryptoType)
         );
-        signedResults.add(signedResult);
+        List<WSSecurityEngineResult> signedResults = Collections.singletonList(signedResult);
 
-        List<WSHandlerResult> handlerResults = new ArrayList<>();
         WSHandlerResult handlerResult =
             new WSHandlerResult(null, signedResults,
                                 Collections.singletonMap(WSConstants.SIGN, signedResults));
-        handlerResults.add(handlerResult);
 
         Map<String, Object> messageContext = validatorParameters.getMessageContext();
-        messageContext.put(WSHandlerConstants.RECV_RESULTS, handlerResults);
+        messageContext.put(WSHandlerConstants.RECV_RESULTS, Collections.singletonList(handlerResult));
 
         // Now successfully renew the token
         TokenRenewerResponse renewerResponse =
@@ -215,23 +211,20 @@ public class SAMLTokenRenewerPOPTest {
             // expected
         }
 
-        List<WSSecurityEngineResult> signedResults = new ArrayList<>();
         WSSecurityEngineResult signedResult = new WSSecurityEngineResult(WSConstants.SIGN);
         CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
         cryptoType.setAlias("myservicekey");
         signedResult.put(
             WSSecurityEngineResult.TAG_X509_CERTIFICATES, crypto.getX509Certificates(cryptoType)
         );
-        signedResults.add(signedResult);
+        List<WSSecurityEngineResult> signedResults = Collections.singletonList(signedResult);
 
-        List<WSHandlerResult> handlerResults = new ArrayList<>();
         WSHandlerResult handlerResult =
             new WSHandlerResult(null, signedResults,
                                 Collections.singletonMap(WSConstants.SIGN, signedResults));
-        handlerResults.add(handlerResult);
 
         Map<String, Object> messageContext = validatorParameters.getMessageContext();
-        messageContext.put(WSHandlerConstants.RECV_RESULTS, handlerResults);
+        messageContext.put(WSHandlerConstants.RECV_RESULTS, Collections.singleton(handlerResult));
 
         try {
             samlTokenRenewer.renewToken(renewerParameters);
diff --git a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorTest.java b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorTest.java
index 3cb5028..7b70147 100644
--- a/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorTest.java
+++ b/services/sts/sts-core/src/test/java/org/apache/cxf/sts/token/validator/SAMLTokenValidatorTest.java
@@ -23,9 +23,8 @@ import java.net.URI;
 import java.security.Principal;
 import java.time.Instant;
 import java.time.ZoneOffset;
-import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Collections;
-import java.util.List;
 import java.util.Properties;
 import java.util.Set;
 
@@ -340,10 +339,9 @@ public class SAMLTokenValidatorTest {
         validatorParameters.setToken(validateTarget);
 
         assertTrue(samlTokenValidator.canHandleToken(validateTarget));
-        List<String> certConstraints = new ArrayList<>();
-        certConstraints.add("XYZ");
-        certConstraints.add(".*CN=www.sts.com.*");
-        ((SAMLTokenValidator)samlTokenValidator).setSubjectConstraints(certConstraints);
+        ((SAMLTokenValidator)samlTokenValidator).setSubjectConstraints(Arrays.asList(
+            "XYZ",
+            ".*CN=www.sts.com.*"));
 
         TokenValidatorResponse validatorResponse =
             samlTokenValidator.validateToken(validatorParameters);
@@ -351,9 +349,8 @@ public class SAMLTokenValidatorTest {
         assertNotNull(validatorResponse.getToken());
         assertTrue(validatorResponse.getToken().getState() == STATE.VALID);
 
-        certConstraints.clear();
-        certConstraints.add("XYZ");
-        ((SAMLTokenValidator)samlTokenValidator).setSubjectConstraints(certConstraints);
+        ((SAMLTokenValidator)samlTokenValidator).setSubjectConstraints(Collections.singletonList(
+            "XYZ"));
         validatorResponse = samlTokenValidator.validateToken(validatorParameters);
         assertNotNull(validatorResponse);
         assertNotNull(validatorResponse.getToken());

Reply | Threaded
Open this post in threaded view
|

[cxf] 06/10: cxf-rt-frontend-jaxrs: read stream directly

coheigea
Administrator
In reply to this post by coheigea
This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch 3.4.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git

commit 9db9dd6abc9f705ca248c96bc701c2cc2259ff24
Author: Alexey Markevich <[hidden email]>
AuthorDate: Thu Nov 5 16:53:06 2020 +0300

    cxf-rt-frontend-jaxrs: read stream directly
   
    (cherry picked from commit f3c4ac43c6043b8a2eb9682c7de3fba74a531c69)
---
 .../jaxrs/src/main/java/org/apache/cxf/jaxrs/ext/xml/XMLSource.java    | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/ext/xml/XMLSource.java b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/ext/xml/XMLSource.java
index 9273119..fdc36ce 100644
--- a/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/ext/xml/XMLSource.java
+++ b/rt/frontend/jaxrs/src/main/java/org/apache/cxf/jaxrs/ext/xml/XMLSource.java
@@ -35,7 +35,6 @@ import javax.xml.namespace.QName;
 import javax.xml.stream.XMLStreamException;
 import javax.xml.transform.Source;
 import javax.xml.transform.dom.DOMSource;
-import javax.xml.transform.stream.StreamSource;
 import javax.xml.xpath.XPath;
 import javax.xml.xpath.XPathConstants;
 import javax.xml.xpath.XPathExpressionException;
@@ -74,7 +73,7 @@ public class XMLSource {
      */
     public void setBuffering() {
         try {
-            doc = StaxUtils.read(new StreamSource(stream));
+            doc = StaxUtils.read(stream);
             stream = null;
         } catch (XMLStreamException e) {
             throw new Fault(e);

Reply | Threaded
Open this post in threaded view
|

[cxf] 07/10: Guard against null return value from (#720)

coheigea
Administrator
In reply to this post by coheigea
This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch 3.4.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git

commit c2221165fd99fc6c04046bda0058a2fc355e8a2c
Author: Gary Gregory <[hidden email]>
AuthorDate: Fri Nov 6 03:39:18 2020 -0500

    Guard against null return value from (#720)
   
    java.net.NetworkInterface.getNetworkInterfaces().
   
    (cherry picked from commit 2d2785078a4ee1133d81b932d4f68e0adfa78077)
---
 .../apache/cxf/transport/udp/UDPDestination.java   | 23 ++++++++---------
 .../apache/cxf/transport/udp/UDPTransportTest.java | 12 +++++----
 .../cxf/ws/discovery/WSDiscoveryClientTest.java    | 30 ++++++++++++----------
 3 files changed, 34 insertions(+), 31 deletions(-)

diff --git a/rt/transports/udp/src/main/java/org/apache/cxf/transport/udp/UDPDestination.java b/rt/transports/udp/src/main/java/org/apache/cxf/transport/udp/UDPDestination.java
index b0c8254..3b5d08d 100644
--- a/rt/transports/udp/src/main/java/org/apache/cxf/transport/udp/UDPDestination.java
+++ b/rt/transports/udp/src/main/java/org/apache/cxf/transport/udp/UDPDestination.java
@@ -196,22 +196,21 @@ public class UDPDestination extends AbstractDestination {
         }
         if (ret == null) {
             Enumeration<NetworkInterface> ifcs = NetworkInterface.getNetworkInterfaces();
-            List<NetworkInterface> possibles = new ArrayList<>();
-            while (ifcs.hasMoreElements()) {
-                NetworkInterface ni = ifcs.nextElement();
-                if (ni.supportsMulticast()
-                    && ni.isUp()) {
-                    for (InterfaceAddress ia : ni.getInterfaceAddresses()) {
-                        if (ia.getAddress() instanceof java.net.Inet4Address
-                            && !ia.getAddress().isLoopbackAddress()
-                            && !ni.getDisplayName().startsWith("vnic")) {
-                            possibles.add(ni);
+            if (ifcs != null) {
+                List<NetworkInterface> possibles = new ArrayList<>();
+                while (ifcs.hasMoreElements()) {
+                    NetworkInterface ni = ifcs.nextElement();
+                    if (ni.supportsMulticast() && ni.isUp()) {
+                        for (InterfaceAddress ia : ni.getInterfaceAddresses()) {
+                            if (ia.getAddress() instanceof java.net.Inet4Address && !ia.getAddress().isLoopbackAddress()
+                                    && !ni.getDisplayName().startsWith("vnic")) {
+                                possibles.add(ni);
+                            }
                         }
                     }
                 }
+                ret = possibles.isEmpty() ? null : possibles.get(possibles.size() - 1);
             }
-            ret = possibles.isEmpty() ? null : possibles.get(possibles.size() - 1);
-
         }
         return ret;
     }
diff --git a/rt/transports/udp/src/test/java/org/apache/cxf/transport/udp/UDPTransportTest.java b/rt/transports/udp/src/test/java/org/apache/cxf/transport/udp/UDPTransportTest.java
index dccb735..712c8fc 100644
--- a/rt/transports/udp/src/test/java/org/apache/cxf/transport/udp/UDPTransportTest.java
+++ b/rt/transports/udp/src/test/java/org/apache/cxf/transport/udp/UDPTransportTest.java
@@ -102,12 +102,14 @@ public class UDPTransportTest {
 
         Enumeration<NetworkInterface> interfaces = NetworkInterface.getNetworkInterfaces();
         int count = 0;
-        while (interfaces.hasMoreElements()) {
-            NetworkInterface networkInterface = interfaces.nextElement();
-            if (!networkInterface.isUp() || networkInterface.isLoopback()) {
-                continue;
+        if (interfaces != null) {
+            while (interfaces.hasMoreElements()) {
+                NetworkInterface networkInterface = interfaces.nextElement();
+                if (!networkInterface.isUp() || networkInterface.isLoopback()) {
+                    continue;
+                }
+                count++;
             }
-            count++;
         }
         if (count == 0) {
             //no non-loopbacks, cannot do broadcasts
diff --git a/services/ws-discovery/ws-discovery-api/src/test/java/org/apache/cxf/ws/discovery/WSDiscoveryClientTest.java b/services/ws-discovery/ws-discovery-api/src/test/java/org/apache/cxf/ws/discovery/WSDiscoveryClientTest.java
index 17df37b..b8a3138 100644
--- a/services/ws-discovery/ws-discovery-api/src/test/java/org/apache/cxf/ws/discovery/WSDiscoveryClientTest.java
+++ b/services/ws-discovery/ws-discovery-api/src/test/java/org/apache/cxf/ws/discovery/WSDiscoveryClientTest.java
@@ -61,15 +61,15 @@ public final class WSDiscoveryClientTest {
     static NetworkInterface findIpv4Interface() throws Exception {
         Enumeration<NetworkInterface> ifcs = NetworkInterface.getNetworkInterfaces();
         List<NetworkInterface> possibles = new ArrayList<>();
-        while (ifcs.hasMoreElements()) {
-            NetworkInterface ni = ifcs.nextElement();
-            if (ni.supportsMulticast()
-                && ni.isUp()) {
-                for (InterfaceAddress ia : ni.getInterfaceAddresses()) {
-                    if (ia.getAddress() instanceof java.net.Inet4Address
-                        && !ia.getAddress().isLoopbackAddress()
-                        && !ni.getDisplayName().startsWith("vnic")) {
-                        possibles.add(ni);
+        if (ifcs != null) {
+            while (ifcs.hasMoreElements()) {
+                NetworkInterface ni = ifcs.nextElement();
+                if (ni.supportsMulticast() && ni.isUp()) {
+                    for (InterfaceAddress ia : ni.getInterfaceAddresses()) {
+                        if (ia.getAddress() instanceof java.net.Inet4Address && !ia.getAddress().isLoopbackAddress()
+                                && !ni.getDisplayName().startsWith("vnic")) {
+                            possibles.add(ni);
+                        }
                     }
                 }
             }
@@ -88,12 +88,14 @@ public final class WSDiscoveryClientTest {
 
         Enumeration<NetworkInterface> interfaces = NetworkInterface.getNetworkInterfaces();
         int count = 0;
-        while (interfaces.hasMoreElements()) {
-            NetworkInterface networkInterface = interfaces.nextElement();
-            if (!networkInterface.isUp() || networkInterface.isLoopback()) {
-                continue;
+        if (interfaces != null) {
+            while (interfaces.hasMoreElements()) {
+                NetworkInterface networkInterface = interfaces.nextElement();
+                if (!networkInterface.isUp() || networkInterface.isLoopback()) {
+                    continue;
+                }
+                count++;
             }
-            count++;
         }
         if (count == 0) {
             //no non-loopbacks, cannot do broadcasts

Reply | Threaded
Open this post in threaded view
|

[cxf] 08/10: Jenkins: fix Maven ref

coheigea
Administrator
In reply to this post by coheigea
This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch 3.4.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git

commit d638b89cccf98194ca676069372808aad222699a
Author: Dennis Kieselhorst <[hidden email]>
AuthorDate: Sun Nov 8 10:18:51 2020 +0100

    Jenkins: fix Maven ref
   
    (cherry picked from commit f2214d0c391d4ccd7896141b48ff41486f985403)
---
 Jenkinsfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Jenkinsfile b/Jenkinsfile
index 1dd043e..9aff7c6 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -43,7 +43,7 @@ pipeline {
             }
             tools {
               jdk "${JAVA_VERSION}"
-              maven 'Maven (latest)'
+              maven 'maven_latest'
             }
             environment {
               MAVEN_OPTS = "-Xmx1024m"

Reply | Threaded
Open this post in threaded view
|

[cxf] 09/10: Jenkins: fix JDK refs

coheigea
Administrator
In reply to this post by coheigea
This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch 3.4.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git

commit 6f774a0cbea695986548029bfe7202d2536ad4d2
Author: Dennis Kieselhorst <[hidden email]>
AuthorDate: Sun Nov 8 11:07:26 2020 +0100

    Jenkins: fix JDK refs
   
    (cherry picked from commit b1ab732fb0d10056c125fce80b5e79aad7b26cc3)
---
 Jenkinsfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Jenkinsfile b/Jenkinsfile
index 9aff7c6..781ebe5 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -33,7 +33,7 @@ pipeline {
         axes {
           axis {
             name 'JAVA_VERSION'
-            values 'JDK 1.8 (latest)', 'JDK 11 (latest)'
+            values 'jdk_1.8_latest', 'jdk_11_latest'
           }
         }
         stages {

Reply | Threaded
Open this post in threaded view
|

[cxf] 10/10: Recording .gitmergeinfo Changes

coheigea
Administrator
In reply to this post by coheigea
This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch 3.4.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf.git

commit 65ce2461c578bd1d7b65fc6c3abc5531804736b7
Author: Colm O hEigeartaigh <[hidden email]>
AuthorDate: Fri Nov 13 06:43:36 2020 +0000

    Recording .gitmergeinfo Changes
---
 .gitmergeinfo | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitmergeinfo b/.gitmergeinfo
index 152010a..4658871 100644
--- a/.gitmergeinfo
+++ b/.gitmergeinfo
@@ -1,2 +1,3 @@
 origin/master
 
+B 28780a99ff888d6e27c1c6d92dda0046bf513d33