policyEnforcer.registerSecurityEvent(operationSecurityEvent);
List<XMLSecurityConstants.ContentType> protectionOrder = new LinkedList<XMLSecurityConstants.ContentType>();
protectionOrder.add(XMLSecurityConstants.ContentType.SIGNATURE);
protectionOrder.add(XMLSecurityConstants.ContentType.ENCRYPTION);
ContentEncryptedElementSecurityEvent contentEncryptedElementSecurityEvent = new ContentEncryptedElementSecurityEvent(null, true, protectionOrder);
contentEncryptedElementSecurityEvent.setElementPath(WSSConstants.SOAP_11_BODY_PATH);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
List<QName> headerPath = new ArrayList<QName>();
headerPath.add(new QName("http://example.org", "a"));
contentEncryptedElementSecurityEvent.setElementPath(headerPath);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
//additional ContentEncryptedElements are also allowed!
headerPath = new ArrayList<QName>();
headerPath.add(new QName("http://example.org", "b"));
contentEncryptedElementSecurityEvent.setElementPath(headerPath);
policyEnforcer.registerSecurityEvent(contentEncryptedElementSecurityEvent);
policyEnforcer.doFinal();
}