//done signature; now test sig-verification:
{
WSSSecurityProperties securityProperties = new WSSSecurityProperties();
securityProperties.setValidateSamlSubjectConfirmation(false);
securityProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
securityProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("receiver.jks"), "default".toCharArray());
CallbackHandlerImpl callbackHandler = new CallbackHandlerImpl();
securityProperties.setCallbackHandler(callbackHandler);
InboundWSSec wsSecIn = WSSec.getInboundWSSec(securityProperties);