}
}else if(PolicyUtil.isSamlToken(tokenAssertion, spVersion)){
AuthenticationTokenPolicy.SAMLAssertionBinding sab = new AuthenticationTokenPolicy.SAMLAssertionBinding();
//(AuthenticationTokenPolicy.SAMLAssertionBinding)policy.newSAMLAssertionKeyBinding();
SamlToken samlToken = (SamlToken)tokenAssertion;
sab.setUUID(token.getTokenId());
sab.setSTRID(token.getTokenId());
sab.setReferenceType(MessageConstants.DIRECT_REFERENCE_TYPE);
setTokenInclusion(sab,(Token) tokenAssertion);
sab.isOptional(tokenAssertion.isOptional());
//sab.setPolicyToken((Token) tokenAssertion);
if(samlToken.getIssuer() != null){
Address addr = samlToken.getIssuer().getAddress();
if(addr != null)
sab.setIssuer(addr.getURI().toString());
} else if(samlToken.getIssuerName() != null){
sab.setIssuer(samlToken.getIssuerName().getIssuerName());
}
if(samlToken.getClaims() != null){
sab.setClaims(samlToken.getClaims().getClaimsAsBytes());
}
if(samlToken.isRequireDerivedKeys()){
DerivedTokenKeyBinding dtKB = new DerivedTokenKeyBinding();
dtKB.setOriginalKeyBinding(sab);
policy.setKeyBinding(dtKB);
dtKB.setUUID(pid.generateID());
}else{