assertionWrapper.toDOM(saaj.getSOAPPart());
storeAssertionAsSecurityToken(assertionWrapper);
addSig(doIssuedTokenSignature(token, wrapper));
} else if (token instanceof UsernameToken) {
// Create a UsernameToken object for derived keys and store the security token
WSSecUsernameToken usernameToken = addDKUsernameToken((UsernameToken)token, true);
String id = usernameToken.getId();
byte[] secret = usernameToken.getDerivedKey();
Date created = new Date();
Date expires = new Date();
expires.setTime(created.getTime() + 300000);
SecurityToken tempTok =
new SecurityToken(id, usernameToken.getUsernameTokenElement(), created, expires);
tempTok.setSecret(secret);
getTokenStore().add(tempTok);
message.setContextualProperty(SecurityConstants.TOKEN_ID, tempTok.getId());
addSig(doIssuedTokenSignature(token, wrapper));