// We might have an IssuedToken TransportToken
private void assertNonHttpsTransportToken(Message message) throws XMLSecurityException {
TLSSessionInfo tlsInfo = message.get(TLSSessionInfo.class);
if (tlsInfo != null) {
HttpsTokenSecurityEvent httpsTokenSecurityEvent = new HttpsTokenSecurityEvent();
if (tlsInfo.getPeerCertificates() != null && tlsInfo.getPeerCertificates().length > 0) {
httpsTokenSecurityEvent.setAuthenticationType(
HttpsTokenSecurityEvent.AuthenticationType.HttpsClientCertificateAuthentication
);
HttpsSecurityTokenImpl httpsSecurityToken =
new HttpsSecurityTokenImpl((X509Certificate)tlsInfo.getPeerCertificates()[0]);
httpsSecurityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainSignature);
httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
} else if (httpsTokenSecurityEvent.getAuthenticationType() == null) {
httpsTokenSecurityEvent.setAuthenticationType(
HttpsTokenSecurityEvent.AuthenticationType.HttpsNoAuthentication
);
HttpsSecurityTokenImpl httpsSecurityToken = new HttpsSecurityTokenImpl();
httpsSecurityToken.addTokenUsage(WSSecurityTokenConstants.TokenUsage_MainSignature);
httpsTokenSecurityEvent.setSecurityToken(httpsSecurityToken);
}
List<SecurityEvent> securityEvents = getSecurityEventList(message);
securityEvents.add(httpsTokenSecurityEvent);
}
}