Use basic authentication as a motivating scenario for looking at policy plug points. Generic username/password processing is added as an interceptor. Specific axis configuration is performed by new logic specific to binding.ws which is invoked if the basic auth policy is present (we need to think about this mechanism). I added a binding-ws-axis2-policy module as a replacement for policy-security-ws but haven't moved over to it yet. I also added a message header map to Message but have only been experimenting to date.

git-svn-id: http://svn.us.apache.org/repos/asf/tuscany@692411 13f79535-47bb-0310-9956-ffa450edef68

53 files changed, 2925 insertions, 34 deletions

diff --git a/java/sca/itest/policy-security-basicauth/pom.xml b/java/sca/itest/policy-security-basicauth/pom.xml
new file mode 100644
index 0000000000..ca9257b827
--- /dev/null
+++ b/java/sca/itest/policy-security-basicauth/pom.xml
@@ -0,0 +1,113 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    * Licensed to the Apache Software Foundation (ASF) under one
+    * or more contributor license agreements.  See the NOTICE file
+    * distributed with this work for additional information
+    * regarding copyright ownership.  The ASF licenses this file
+    * to you under the Apache License, Version 2.0 (the
+    * "License"); you may not use this file except in compliance
+    * with the License.  You may obtain a copy of the License at
+    * 
+    *   http://www.apache.org/licenses/LICENSE-2.0
+    * 
+    * Unless required by applicable law or agreed to in writing,
+    * software distributed under the License is distributed on an
+    * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    * KIND, either express or implied.  See the License for the
+    * specific language governing permissions and limitations
+    * under the License.    
+-->
+<project>
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>org.apache.tuscany.sca</groupId>
+        <artifactId>tuscany-itest</artifactId>
+        <version>1.4-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+    <artifactId>itest-policy-security-basicauth</artifactId>
+    <name>Apache Tuscany SCA Policy Basic Authentication Integration Tests</name>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.apache.tuscany.sca</groupId>
+            <artifactId>tuscany-node-api</artifactId>
+            <version>1.4-SNAPSHOT</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.apache.tuscany.sca</groupId>
+            <artifactId>tuscany-node-impl</artifactId>
+            <version>1.4-SNAPSHOT</version>
+            <scope>runtime</scope>
+        </dependency>
+        
+        <dependency>
+            <groupId>org.apache.tuscany.sca</groupId>
+            <artifactId>tuscany-implementation-java-runtime</artifactId>
+            <version>1.4-SNAPSHOT</version>
+            <scope>runtime</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.apache.tuscany.sca</groupId>
+            <artifactId>tuscany-binding-ws-axis2</artifactId>
+            <version>1.4-SNAPSHOT</version>
+            <scope>runtime</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.apache.tuscany.sca</groupId>
+            <artifactId>tuscany-binding-ws-axis2-policy</artifactId>
+            <version>1.4-SNAPSHOT</version>
+            <scope>runtime</scope>
+        </dependency>
+
+        <dependency>
+            <groupId>org.apache.tuscany.sca</groupId>
+            <artifactId>tuscany-host-tomcat</artifactId>
+            <version>1.4-SNAPSHOT</version>
+            <scope>runtime</scope>
+        </dependency> 
+        
+        <dependency>
+            <groupId>org.apache.tuscany.sca</groupId>
+            <artifactId>tuscany-binding-jms-runtime</artifactId>
+            <version>1.4-SNAPSHOT</version>
+        </dependency> 
+        
+        <dependency>
+            <groupId>org.apache.activemq</groupId>
+            <artifactId>activemq-core</artifactId>
+            <version>4.1.1</version>
+            <scope>runtime</scope>
+        </dependency>
+        
+        <dependency>
+           <groupId>org.apache.geronimo.specs</groupId>
+           <artifactId>geronimo-jms_1.1_spec</artifactId>
+           <version>1.1</version>
+           <scope>provided</scope>
+           <exclusions>
+               <exclusion>
+                   <groupId>org.apache.geronimo.specs</groupId>
+                   <artifactId>geronimo-jms_1.1_spec</artifactId>
+               </exclusion>
+           </exclusions>
+        </dependency>  
+
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <version>4.2</version>
+        </dependency>
+        
+        <dependency>
+            <groupId>httpunit</groupId>
+            <artifactId>httpunit</artifactId>
+            <version>1.6.1</version>
+            <scope>test</scope>
+        </dependency>        
+
+    </dependencies>
+</project>
diff --git a/java/sca/itest/policy-security-basicauth/src/main/java/helloworld/HelloWorldClientImpl.java b/java/sca/itest/policy-security-basicauth/src/main/java/helloworld/HelloWorldClientImpl.java
new file mode 100644
index 0000000000..55b798edbe
--- /dev/null
+++ b/java/sca/itest/policy-security-basicauth/src/main/java/helloworld/HelloWorldClientImpl.java
@@ -0,0 +1,42 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+package helloworld;
+
+import org.osoa.sca.annotations.Reference;
+import org.osoa.sca.annotations.Service;
+
+/**
+ * This class implements the HelloWorld service.
+ */
+@Service(HelloWorldService.class)
+public class HelloWorldClientImpl implements HelloWorldService {
+    
+    @Reference
+    protected HelloWorldService helloworldWS;
+    
+    @Reference
+    protected HelloWorldService helloworldJMS;    
+
+    public String getGreetings(String name) {
+        return "Hello " + 
+                helloworldWS.getGreetings(name) + 
+                helloworldJMS.getGreetings(name);
+    }
+
+}
diff --git a/java/sca/itest/policy-security-basicauth/src/main/java/helloworld/HelloWorldService.java b/java/sca/itest/policy-security-basicauth/src/main/java/helloworld/HelloWorldService.java
new file mode 100644
index 0000000000..268d90e910
--- /dev/null
+++ b/java/sca/itest/policy-security-basicauth/src/main/java/helloworld/HelloWorldService.java
@@ -0,0 +1,30 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+package helloworld;
+
+import org.osoa.sca.annotations.Remotable;
+
+/**
+ * This is the business interface of the HelloWorld greetings service.
+ */
+@Remotable
+public interface HelloWorldService {
+
+    public String getGreetings(String name);
+}
diff --git a/java/sca/itest/policy-security-basicauth/src/main/java/helloworld/HelloWorldServiceImpl.java b/java/sca/itest/policy-security-basicauth/src/main/java/helloworld/HelloWorldServiceImpl.java
new file mode 100644
index 0000000000..411dcae605
--- /dev/null
+++ b/java/sca/itest/policy-security-basicauth/src/main/java/helloworld/HelloWorldServiceImpl.java
@@ -0,0 +1,33 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+package helloworld;
+
+import org.osoa.sca.annotations.Service;
+
+/**
+ * This class implements the HelloWorld service.
+ */
+@Service(HelloWorldService.class)
+public class HelloWorldServiceImpl implements HelloWorldService {
+
+    public String getGreetings(String name) {
+        return "Hello " + name;
+    }
+
+}
diff --git a/java/sca/itest/policy-security-basicauth/src/main/resources/definitions.xml b/java/sca/itest/policy-security-basicauth/src/main/resources/definitions.xml
new file mode 100644
index 0000000000..9099191b27
--- /dev/null
+++ b/java/sca/itest/policy-security-basicauth/src/main/resources/definitions.xml
@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="ASCII"?>
+<!--
+    * Licensed to the Apache Software Foundation (ASF) under one
+    * or more contributor license agreements.  See the NOTICE file
+    * distributed with this work for additional information
+    * regarding copyright ownership.  The ASF licenses this file
+    * to you under the Apache License, Version 2.0 (the
+    * "License"); you may not use this file except in compliance
+    * with the License.  You may obtain a copy of the License at
+    * 
+    *   http://www.apache.org/licenses/LICENSE-2.0
+    * 
+    * Unless required by applicable law or agreed to in writing,
+    * software distributed under the License is distributed on an
+    * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    * KIND, either express or implied.  See the License for the
+    * specific language governing permissions and limitations
+    * under the License.    
+-->
+<definitions xmlns="http://www.osoa.org/xmlns/sca/1.0" 
+             targetNamespace="http://itest/policy"
+    		 xmlns:sca="http://www.osoa.org/xmlns/sca/1.0" 
+    		 xmlns:tuscany="http://tuscany.apache.org/xmlns/sca/1.0"
+             xmlns:ip="http://itest/policy" >
+
+
+    <sca:policySet name="BasicAuthenticationPolicySet"
+                   provides="authentication"
+                   appliesTo="sca:binding.ws">
+                   
+        <tuscany:basicAuthentication>
+          <tuscany:userName>myname</tuscany:userName>
+          <tuscany:password>mypassword</tuscany:password>
+        </tuscany:basicAuthentication>
+        
+    </sca:policySet>
+      
+    <!-- some authentication implementation policies - may think about these later 
+    <policySet name="allowed_users" appliesTo="sca:implementation.java">
+    	<permitAll/>
+    </policySet>
+    
+    <policySet name="runAsAdmin" appliesTo="sca:implementation.java">
+    	<runAs role="Administrator"/>
+    </policySet>
+    -->
+</definitions>
\ No newline at end of file
diff --git a/java/sca/itest/policy-security-basicauth/src/main/resources/helloworld.composite b/java/sca/itest/policy-security-basicauth/src/main/resources/helloworld.composite
new file mode 100644
index 0000000000..247b2b56e4
--- /dev/null
+++ b/java/sca/itest/policy-security-basicauth/src/main/resources/helloworld.composite
@@ -0,0 +1,58 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+    * Licensed to the Apache Software Foundation (ASF) under one
+    * or more contributor license agreements.  See the NOTICE file
+    * distributed with this work for additional information
+    * regarding copyright ownership.  The ASF licenses this file
+    * to you under the Apache License, Version 2.0 (the
+    * "License"); you may not use this file except in compliance
+    * with the License.  You may obtain a copy of the License at
+    * 
+    *   http://www.apache.org/licenses/LICENSE-2.0
+    * 
+    * Unless required by applicable law or agreed to in writing,
+    * software distributed under the License is distributed on an
+    * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+    * KIND, either express or implied.  See the License for the
+    * specific language governing permissions and limitations
+    * under the License.    
+-->
+<composite xmlns="http://www.osoa.org/xmlns/sca/1.0" 
+           targetNamespace="http://itest/policy"
+           xmlns:sca="http://www.osoa.org/xmlns/sca/1.0"
+           xmlns:tuscany="http://tuscany.apache.org/xmlns/sca/1.0"
+           xmlns:ip="http://itest/policy"
+           name="Helloworld">
+           
+    <component name="HelloWorldClientComponent">
+        <implementation.java class="helloworld.HelloWorldClientImpl" />
+        <service name="HelloWorldService">
+            <interface.java interface="helloworld.HelloWorldService"/>
+            <binding.sca/>
+        </service>
+        <reference name="helloworldWS" requires="authentication">
+            <binding.ws uri="http://localhost:8085/HelloWorldServiceWSComponent"/>
+        </reference>
+        <reference name="helloworldJMS">
+            <binding.jms uri="jms:HelloWorldService"/>
+        </reference>
+    </component>           
+
+    <component name="HelloWorldServiceWSComponent">
+        <implementation.java class="helloworld.HelloWorldServiceImpl" />
+        <service name="HelloWorldService" requires="authentication">
+        	<interface.java interface="helloworld.HelloWorldService"/>
+            <binding.ws uri="http://localhost:8085/HelloWorldServiceWSComponent"/>
+        </service>
+    </component>
+    
+    <component name="HelloWorldServiceJMSComponent">
+        <implementation.java class="helloworld.HelloWorldServiceImpl" />
+        
+        <!--service name="HelloWorldService" requires="authentication"-->
+        <service name="HelloWorldService" >
+            <interface.java interface="helloworld.HelloWorldService"/>
+            <binding.jms/>
+        </service>
+    </component>    
+</composite>
diff --git a/java/sca/itest/policy-security-basicauth/src/main/resources/jndi.properties b/java/sca/itest/policy-security-basicauth/src/main/resources/jndi.properties
new file mode 100644
index 0000000000..9abdff215d
--- /dev/null
+++ b/java/sca/itest/policy-security-basicauth/src/main/resources/jndi.properties
@@ -0,0 +1,39 @@
+## ---------------------------------------------------------------------------
+## Licensed to the Apache Software Foundation (ASF) under one or more
+## contributor license agreements.  See the NOTICE file distributed with
+## this work for additional information regarding copyright ownership.
+## The ASF licenses this file to You under the Apache License, Version 2.0
+## (the "License"); you may not use this file except in compliance with
+## the License.  You may obtain a copy of the License at
+## 
+## http://www.apache.org/licenses/LICENSE-2.0
+## 
+## Unless required by applicable law or agreed to in writing, software
+## distributed under the License is distributed on an "AS IS" BASIS,
+## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+## See the License for the specific language governing permissions and
+## limitations under the License.
+## ---------------------------------------------------------------------------
+
+# START SNIPPET: jndi
+
+java.naming.factory.initial = org.apache.activemq.jndi.ActiveMQInitialContextFactory
+
+# use the following property to configure the default connector
+java.naming.provider.url = vm://localhost?broker.persistent=false
+
+# use the following property to specify the JNDI name the connection factory
+# should appear as. 
+#connectionFactoryNames = connectionFactory, queueConnectionFactory, topicConnectionFactry
+connectionFactoryNames = ConnectionFactory
+
+# register some queues in JNDI using the form
+# queue.[jndiName] = [physicalName]
+queue.RequestQueue = RequestQueue
+queue.ResponseQueue = ResponseQueue
+
+# register some topics in JNDI using the form
+# topic.[jndiName] = [physicalName]
+#topic.MyTopic = example.MyTopic
+
+# END SNIPPET: jndi
diff --git a/java/sca/itest/policy-security-basicauth/src/test/java/org/apache/tuscany/sca/itest/BasicAuthTestCase.java b/java/sca/itest/policy-security-basicauth/src/test/java/org/apache/tuscany/sca/itest/BasicAuthTestCase.java
new file mode 100644
index 0000000000..b6e0444d2d
--- /dev/null
+++ b/java/sca/itest/policy-security-basicauth/src/test/java/org/apache/tuscany/sca/itest/BasicAuthTestCase.java
@@ -0,0 +1,114 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+
+package org.apache.tuscany.sca.itest;
+
+import java.io.ByteArrayInputStream;
+
+import junit.framework.Assert;
+import helloworld.HelloWorldService;
+
+import org.apache.tuscany.sca.node.SCAClient;
+import org.apache.tuscany.sca.node.SCANode;
+import org.apache.tuscany.sca.node.SCANodeFactory;
+import org.apache.ws.security.util.Base64;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
+import org.junit.Ignore;
+import org.junit.Test;
+
+import com.meterware.httpunit.PostMethodWebRequest;
+import com.meterware.httpunit.WebConversation;
+import com.meterware.httpunit.WebRequest;
+import com.meterware.httpunit.WebResponse;
+
+public class BasicAuthTestCase {
+    private static SCANode node;
+    private static HelloWorldService service;
+
+    @BeforeClass
+    public static void init() throws Exception {
+        try {
+            SCANodeFactory factory = SCANodeFactory.newInstance();
+            node = factory.createSCANodeFromClassLoader("helloworld.composite", 
+                                                        BasicAuthTestCase.class.getClassLoader());
+            node.start();
+            
+            service = ((SCAClient)node).getService(HelloWorldService.class, "HelloWorldClientComponent");
+        } catch (Exception ex) {
+            ex.printStackTrace();
+        }
+    }
+
+    @AfterClass
+    public static void destroy() throws Exception {
+        node.stop();
+    }
+    
+    @Test
+    //@Ignore
+    public void testViaSCAClient() {
+        String greetings = service.getGreetings("Simon");
+        System.out.println(">>>" + greetings);
+    } 
+    
+    @Test
+    @Ignore
+    public void testWSViaNonSCAClient() {
+        
+        try {
+            String token ="MyToken";
+            String encToken = Base64.encode(token.getBytes());
+            
+            String response = callService("http://L3AW203:8085/HelloWorldServiceWSComponent",
+                                          "<?xml version='1.0' encoding='UTF-8'?>" +
+                                            "<soapenv:Envelope xmlns:soapenv=\"http://schemas.xmlsoap.org/soap/envelope/\">" + 
+                                             "<soapenv:Header>" + 
+                                               "<ns2:Token xmlns:ns2=\"http://helloworld/\">" + encToken + "</ns2:Token>" + 
+                                             "</soapenv:Header>" + 
+                                             "<soapenv:Body>" + 
+                                               "<ns2:getGreetings xmlns:ns2=\"http://helloworld/\">" + 
+                                                 "<arg0>Simon</arg0>" + 
+                                               "</ns2:getGreetings>" + 
+                                             "</soapenv:Body>" + 
+                                            "</soapenv:Envelope>" );
+            System.out.println(">>>" + response);
+        } catch(Exception ex) {
+            System.out.println(ex.toString());
+        }
+    } 
+    
+    @Test
+    public void testJMSViaNonSCAClient() {
+        // TODO
+    }
+    
+    public String callService(String url, String requestString) throws Exception {
+        System.out.println("Request = " + requestString);
+        WebConversation wc   = new WebConversation();
+        wc.setAuthorization("Me", "MyPasswd");
+        WebRequest request   = new PostMethodWebRequest( url, 
+                                                         new ByteArrayInputStream(requestString.getBytes("UTF-8")),"text/xml");
+        request.setHeaderField("SOAPAction", "");
+        WebResponse response = wc.getResource(request);
+        System.out.println("Response= " + response.getText());               
+        Assert.assertEquals(200, response.getResponseCode());
+        return response.getText(); 
+    }    
+}
diff --git a/java/sca/itest/pom.xml b/java/sca/itest/pom.xml
index 63adb74b34..5f614dc5f6 100644
--- a/java/sca/itest/pom.xml
+++ b/java/sca/itest/pom.xml
@@ -101,6 +101,7 @@
                 <module>osgi-contribution</module>
                 <module>policy</module>
                 <module>policy-security</module>
+                <module>policy-security-basicauth</module>
                 <module>policy-security-jsr250</module>
                 <module>properties</module>
                 <module>recursive</module>
diff --git a/java/sca/modules/assembly/src/main/resources/assembly-validation-messages.properties b/java/sca/modules/assembly/src/main/resources/assembly-validation-messages.properties
index f9760aa3cb..6aeda18aab 100644
--- a/java/sca/modules/assembly/src/main/resources/assembly-validation-messages.properties
+++ b/java/sca/modules/assembly/src/main/resources/assembly-validation-messages.properties
@@ -37,8 +37,8 @@ ReferenceIncompatibleMultiplicity = Component reference multiplicity incompatibl
 ReferenceIncompatibleInterface = Incompatible interfaces on component reference and target: Composite = {0} Reference = {1} Service = {2}
 ReferenceIncompatibleComponentInterface = Component reference interface incompatible with reference interface: Component = {0} Reference = {1}
 ServiceIncompatibleComponentInterface = Component service interface incompatible with service interface: Component = {0} Service = {1}
-MultipleBindingsForService = Multiple bindings with the same name for a service: Binding = {0} Service = {1} Binding = {2}
-MultipleBindingsForReference = Multiple bindings with the same name for a reference: Binding = {0} Reference = {1} Binding = {2}
+MultipleBindingsForService = Multiple bindings with the same name for a service: Service = {0} Binding name = {1}
+MultipleBindingsForReference = Multiple bindings with the same name for a reference: Reference = {0} Binding name = {1}
 ReferenceWithoutTargets = No targets for reference: Composite = {0} Reference = {1}
 PromotedReferenceNotFound = Promoted component reference not found: Composite = {0} Reference = {1}
 PromotedServiceNotFound = Promoted component service not found: Composite = {0} Service = {1}
diff --git a/java/sca/modules/binding-ws-axis2-policy/LICENSE b/java/sca/modules/binding-ws-axis2-policy/LICENSE
new file mode 100644
index 0000000000..8aa906c321
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2-policy/LICENSE
@@ -0,0 +1,205 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
+
+
+
diff --git a/java/sca/modules/binding-ws-axis2-policy/NOTICE b/java/sca/modules/binding-ws-axis2-policy/NOTICE
new file mode 100644
index 0000000000..fdfa0e9faa
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2-policy/NOTICE
@@ -0,0 +1,6 @@
+${pom.name}
+Copyright (c) 2005 - 2008 The Apache Software Foundation
+
+This product includes software developed by
+The Apache Software Foundation (http://www.apache.org/).
+
diff --git a/java/sca/modules/binding-ws-axis2-policy/pom.xml b/java/sca/modules/binding-ws-axis2-policy/pom.xml
new file mode 100644
index 0000000000..a98e5519f7
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2-policy/pom.xml
@@ -0,0 +1,149 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+-->
+<project>
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>org.apache.tuscany.sca</groupId>
+        <artifactId>tuscany-modules</artifactId>
+        <version>1.4-SNAPSHOT</version>
+        <relativePath>../pom.xml</relativePath>
+    </parent>
+    <artifactId>tuscany-binding-ws-axis2-policy</artifactId>
+    <name>Apache Tuscany Policy Model for Axis2 WS binding</name>
+    
+    <dependencies>
+        <dependency>
+            <groupId>org.apache.tuscany.sca</groupId>
+            <artifactId>tuscany-contribution</artifactId>
+            <version>1.4-SNAPSHOT</version>
+        </dependency>
+        
+        <dependency>
+            <groupId>org.apache.tuscany.sca</groupId>
+            <artifactId>tuscany-assembly-xml</artifactId>
+            <version>1.4-SNAPSHOT</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.apache.tuscany.sca</groupId>
+            <artifactId>tuscany-policy-security</artifactId>
+            <version>1.4-SNAPSHOT</version>
+        </dependency>
+		
+    	<dependency>
+            <groupId>org.apache.ws.commons.axiom</groupId>
+            <artifactId>axiom-api</artifactId>
+            <exclusions>
+                <exclusion>
+                    <groupId>xerces</groupId>
+                    <artifactId>xercesImpl</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>javax.mail</groupId>
+                    <artifactId>mail</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>commons-logging</groupId>
+                    <artifactId>commons-logging</artifactId>
+                </exclusion>                 
+                <exclusion>
+                    <groupId>xml-apis</groupId>
+                    <artifactId>xml-apis</artifactId>
+                </exclusion>
+            </exclusions>
+            <version>1.2.5</version>
+        </dependency>
+
+        <dependency>
+            <groupId>org.apache.ws.commons.axiom</groupId>
+            <artifactId>axiom-impl</artifactId>
+            <version>1.2.5</version>
+        </dependency>
+        
+        <dependency>
+            <groupId>org.apache.axis2</groupId>
+            <artifactId>axis2-kernel</artifactId>
+            <version>1.3</version>      
+            <exclusions>
+                <exclusion>
+                    <groupId>backport-util-concurrent</groupId>
+                    <artifactId>backport-util-concurrent</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>xalan</groupId>
+                    <artifactId>xalan</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>xerces</groupId>
+                    <artifactId>xercesImpl</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        
+        <dependency>
+            <groupId>backport-util-concurrent</groupId>
+            <artifactId>backport-util-concurrent</artifactId>
+            <version>3.0</version>
+            <scope>test</scope>
+        </dependency>
+        
+        <dependency>
+            <groupId>org.apache.neethi</groupId>
+            <artifactId>neethi</artifactId>
+            <version>2.0.2</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>wsdl4j</groupId>
+                    <artifactId>wsdl4j</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.codehaus.woodstox</groupId>
+                    <artifactId>wstx-asl</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        
+        <dependency>
+            <groupId>org.apache.tuscany.sca</groupId>
+            <artifactId>tuscany-contribution-impl</artifactId>
+            <version>1.4-SNAPSHOT</version>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.felix</groupId>
+                <artifactId>maven-bundle-plugin</artifactId>
+
+                <configuration>
+                    <instructions>
+                        <Bundle-Version>${tuscany.version}</Bundle-Version>
+                        <Bundle-SymbolicName>org.apache.tuscany.sca.policy.security.ws</Bundle-SymbolicName>
+                        <Bundle-Description>${pom.name}</Bundle-Description>
+                        <Export-Package>org.apache.tuscany.sca.policy.security.ws*</Export-Package>
+                    </instructions>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+</project>
diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationPolicy.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationPolicy.java
new file mode 100644
index 0000000000..2b7d753023
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationPolicy.java
@@ -0,0 +1,67 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+package org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic;
+
+import javax.xml.namespace.QName;
+
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.policy.Policy;
+
+/**
+ * Implementation for policies that could be injected as parameter
+ * into the axis2config.
+ *
+ * @version $Rev$ $Date$
+ */
+public class Axis2BasicAuthenticationPolicy implements Policy {
+    public static final QName AXIS2_BASIC_AUTHENTICATION_POLICY_QNAME = new QName(Constants.SCA10_TUSCANY_NS, "axis2BasicAuthentication");
+    public static final String AXIS2_BASIC_AUTHENTICATION_USERNAME = "username";
+    public static final String AXIS2_BASIC_AUTHENTICATION_PASSWORD = "password";
+    public static final String AXIS2_BASIC_AUTHENTICATION_HTTP_HEADER = "httpheader";
+
+    private String userName;
+    private String password;
+    
+    public String getUserName() {
+        return userName;
+    }
+    
+    public void setUserName(String userName) {
+        this.userName = userName;
+    }
+    
+    public String getPassword() {
+        return password;
+    }
+    
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    public QName getSchemaName() {
+        return AXIS2_BASIC_AUTHENTICATION_POLICY_QNAME;
+    }
+
+    public boolean isUnresolved() {
+        return false;
+    }
+
+    public void setUnresolved(boolean unresolved) {
+    }
+}
diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationPolicyProcessor.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationPolicyProcessor.java
new file mode 100644
index 0000000000..019d59b80b
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationPolicyProcessor.java
@@ -0,0 +1,123 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+package org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic;
+
+import static javax.xml.stream.XMLStreamConstants.END_ELEMENT;
+import static javax.xml.stream.XMLStreamConstants.START_ELEMENT;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
+
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.contribution.ModelFactoryExtensionPoint;
+import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor;
+import org.apache.tuscany.sca.contribution.resolver.ModelResolver;
+import org.apache.tuscany.sca.contribution.service.ContributionReadException;
+import org.apache.tuscany.sca.contribution.service.ContributionResolveException;
+import org.apache.tuscany.sca.contribution.service.ContributionWriteException;
+import org.apache.tuscany.sca.monitor.Monitor;
+
+/**
+ *
+ * @version $Rev$ $Date$
+ */
+public class Axis2BasicAuthenticationPolicyProcessor implements StAXArtifactProcessor<Axis2BasicAuthenticationPolicy> {
+    
+    public QName getArtifactType() {
+        return Axis2BasicAuthenticationPolicy.AXIS2_BASIC_AUTHENTICATION_POLICY_QNAME;
+    }
+    
+    public Axis2BasicAuthenticationPolicyProcessor(ModelFactoryExtensionPoint modelFactories, Monitor monitor) {
+    }
+
+    
+    public Axis2BasicAuthenticationPolicy read(XMLStreamReader reader) throws ContributionReadException, XMLStreamException {
+        Axis2BasicAuthenticationPolicy policy = new Axis2BasicAuthenticationPolicy();
+        int event = reader.getEventType();
+        QName name = null;
+        
+        while (reader.hasNext()) {
+            event = reader.getEventType();
+            switch (event) {
+                case START_ELEMENT : {
+                    name = reader.getName();
+                    if ( name.equals(getArtifactType()) ) {
+                        // no attributes at the moment
+                    } else if ( Axis2BasicAuthenticationPolicy.AXIS2_BASIC_AUTHENTICATION_USERNAME.equals(name.getLocalPart()) ) {
+                        policy.setUserName(reader.getElementText());
+                    } else if ( Axis2BasicAuthenticationPolicy.AXIS2_BASIC_AUTHENTICATION_PASSWORD.equals(name.getLocalPart()) ) {
+                        policy.setPassword(reader.getElementText());
+                    }
+                    break;
+                }
+            }
+            
+            if ( event == END_ELEMENT ) {
+                if ( getArtifactType().equals(reader.getName()) ) {
+                    break;
+                } 
+            }
+            
+            //Read the next element
+            if (reader.hasNext()) {
+                reader.next();
+            }
+        }
+         
+        return policy;
+    }
+
+    public void write(Axis2BasicAuthenticationPolicy policy, XMLStreamWriter writer) 
+        throws ContributionWriteException, XMLStreamException {
+        String prefix = "tuscany";
+        writer.writeStartElement(prefix, 
+                                 getArtifactType().getLocalPart(),
+                                 getArtifactType().getNamespaceURI());
+        writer.writeNamespace("tuscany", Constants.SCA10_TUSCANY_NS);
+
+        if ( policy.getUserName() != null ) {
+            writer.writeStartElement(prefix, 
+                                     Axis2BasicAuthenticationPolicy.AXIS2_BASIC_AUTHENTICATION_USERNAME,
+                                     getArtifactType().getNamespaceURI());
+            writer.writeCharacters(policy.getUserName());
+            writer.writeEndElement();
+        }
+        
+        if ( policy.getPassword() != null ) {
+            writer.writeStartElement(prefix, 
+                                     Axis2BasicAuthenticationPolicy.AXIS2_BASIC_AUTHENTICATION_PASSWORD,
+                                     getArtifactType().getNamespaceURI());
+            writer.writeCharacters(policy.getPassword());
+            writer.writeEndElement();
+        }        
+        
+        writer.writeEndElement();
+    }
+
+    public Class<Axis2BasicAuthenticationPolicy> getModelType() {
+        return Axis2BasicAuthenticationPolicy.class;
+    }
+
+    public void resolve(Axis2BasicAuthenticationPolicy arg0, ModelResolver arg1) throws ContributionResolveException {
+
+    }
+    
+}
diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationPolicyProviderFactory.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationPolicyProviderFactory.java
new file mode 100644
index 0000000000..5ec4cf9baa
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationPolicyProviderFactory.java
@@ -0,0 +1,75 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+
+package org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic;
+
+import org.apache.tuscany.sca.assembly.Binding;
+import org.apache.tuscany.sca.assembly.Implementation;
+import org.apache.tuscany.sca.core.ExtensionPointRegistry;
+import org.apache.tuscany.sca.provider.PolicyProvider;
+import org.apache.tuscany.sca.provider.PolicyProviderFactory;
+import org.apache.tuscany.sca.runtime.RuntimeComponent;
+import org.apache.tuscany.sca.runtime.RuntimeComponentReference;
+import org.apache.tuscany.sca.runtime.RuntimeComponentService;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class Axis2BasicAuthenticationPolicyProviderFactory implements PolicyProviderFactory<Axis2BasicAuthenticationPolicy> {
+    private ExtensionPointRegistry registry;
+    
+    public Axis2BasicAuthenticationPolicyProviderFactory(ExtensionPointRegistry registry) {
+        super();
+        this.registry = registry;
+    }
+
+    /**
+     * @see org.apache.tuscany.sca.provider.PolicyProviderFactory#createImplementationPolicyProvider(org.apache.tuscany.sca.runtime.RuntimeComponent, org.apache.tuscany.sca.assembly.Implementation)
+     */
+    public PolicyProvider createImplementationPolicyProvider(RuntimeComponent component, Implementation implementation) {
+        return null;//new WSBasicAuthenticationImplementationPolicyProvider(component, implementation);
+    }
+
+    /**
+     * @see org.apache.tuscany.sca.provider.PolicyProviderFactory#createReferencePolicyProvider(org.apache.tuscany.sca.runtime.RuntimeComponent, org.apache.tuscany.sca.runtime.RuntimeComponentReference, org.apache.tuscany.sca.assembly.Binding)
+     */
+    public PolicyProvider createReferencePolicyProvider(RuntimeComponent component,
+                                                        RuntimeComponentReference reference,
+                                                        Binding binding) {
+        return new Axis2BasicAuthenticationReferencePolicyProvider(component, reference, binding);
+    }
+
+    /**
+     * @see org.apache.tuscany.sca.provider.PolicyProviderFactory#createServicePolicyProvider(org.apache.tuscany.sca.runtime.RuntimeComponent, org.apache.tuscany.sca.runtime.RuntimeComponentService, org.apache.tuscany.sca.assembly.Binding)
+     */
+    public PolicyProvider createServicePolicyProvider(RuntimeComponent component,
+                                                      RuntimeComponentService service,
+                                                      Binding binding) {
+        return new Axis2BasicAuthenticationServicePolicyProvider(component, service, binding);
+    }
+
+    /**
+     * @see org.apache.tuscany.sca.provider.ProviderFactory#getModelType()
+     */
+    public Class getModelType() {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+}
diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationReferencePolicyInterceptor.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationReferencePolicyInterceptor.java
new file mode 100644
index 0000000000..6bd1eed1bd
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationReferencePolicyInterceptor.java
@@ -0,0 +1,84 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+package org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic;
+
+import java.util.logging.ConsoleHandler;
+import java.util.logging.Handler;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+import javax.xml.namespace.QName;
+
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.interfacedef.Operation;
+import org.apache.tuscany.sca.invocation.Interceptor;
+import org.apache.tuscany.sca.invocation.Invoker;
+import org.apache.tuscany.sca.invocation.Message;
+import org.apache.tuscany.sca.policy.Policy;
+import org.apache.tuscany.sca.policy.PolicySet;
+
+/**
+ * Policy handler to handle PolicySet related to Logging with the QName
+ * {http://tuscany.apache.org/xmlns/sca/1.0/impl/java}LoggingPolicy
+ *
+ * @version $Rev$ $Date$
+ */
+public class Axis2BasicAuthenticationReferencePolicyInterceptor implements Interceptor {
+    public static final QName policySetQName = new QName(Constants.SCA10_TUSCANY_NS, "wsBasicAuthentication");
+
+    private Invoker next;
+    private Operation operation;
+    private PolicySet policySet = null;
+    private String context;
+    private Axis2BasicAuthenticationPolicy policy;
+
+    public Axis2BasicAuthenticationReferencePolicyInterceptor(String context, Operation operation, PolicySet policySet) {
+        super();
+        this.operation = operation;
+        this.policySet = policySet;
+        this.context = context;
+        init();
+    }
+
+    private void init() {
+        if (policySet != null) {
+            for (Object policyObject : policySet.getPolicies()){
+                if (policyObject instanceof Axis2BasicAuthenticationPolicy){
+                    policy = (Axis2BasicAuthenticationPolicy)policyObject;
+                    break;
+                }
+            }
+        }
+    }
+
+    public Message invoke(Message msg) {
+        // TODO - We might use interceptors to do the Axis2 config
+        //        if we can change the infrastructure split the 
+        //        invoker up
+        return getNext().invoke(msg);
+    }
+
+    public Invoker getNext() {
+        return next;
+    }
+
+    public void setNext(Invoker next) {
+        this.next = next;
+    }
+}
diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationReferencePolicyProvider.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationReferencePolicyProvider.java
new file mode 100644
index 0000000000..530d99c01e
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationReferencePolicyProvider.java
@@ -0,0 +1,90 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+
+package org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic;
+
+import java.util.List;
+
+import org.apache.tuscany.sca.assembly.Binding;
+import org.apache.tuscany.sca.interfacedef.Operation;
+import org.apache.tuscany.sca.invocation.Interceptor;
+import org.apache.tuscany.sca.invocation.Phase;
+import org.apache.tuscany.sca.policy.PolicySet;
+import org.apache.tuscany.sca.policy.PolicySetAttachPoint;
+import org.apache.tuscany.sca.policy.util.PolicyHandler;
+import org.apache.tuscany.sca.provider.PolicyProvider;
+import org.apache.tuscany.sca.runtime.RuntimeComponent;
+import org.apache.tuscany.sca.runtime.RuntimeComponentReference;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class Axis2BasicAuthenticationReferencePolicyProvider implements PolicyProvider {
+    private RuntimeComponent component;
+    private RuntimeComponentReference reference;
+    private Binding binding;
+
+    public Axis2BasicAuthenticationReferencePolicyProvider(RuntimeComponent component,
+                                             RuntimeComponentReference reference,
+                                             Binding binding) {
+        super();
+        this.component = component;
+        this.reference = reference;
+        this.binding = binding;
+    }
+
+    private PolicySet findPolicySet() {
+        if (binding instanceof PolicySetAttachPoint) {
+            List<PolicySet> policySets = ((PolicySetAttachPoint)binding).getApplicablePolicySets();
+            for (PolicySet ps : policySets) {
+                for (Object p : ps.getPolicies()) {
+                    if (Axis2BasicAuthenticationPolicy.class.isInstance(p)) {
+                        return ps;
+                    }
+                }
+            }
+        }
+        return null;
+    }
+
+    private String getContext() {
+        return "component.reference: " + component.getURI()
+            + "#"
+            + reference.getName()
+            + "("
+            + binding.getClass().getName()
+            + ")";
+    }
+    
+    /**
+     * @see org.apache.tuscany.sca.provider.PolicyProvider#createInterceptor(org.apache.tuscany.sca.interfacedef.Operation)
+     */
+    public Interceptor createInterceptor(Operation operation) {
+        PolicySet ps = findPolicySet();
+        return ps == null ? null : new Axis2BasicAuthenticationReferencePolicyInterceptor(getContext(), operation, ps);
+    }
+
+    /**
+     * @see org.apache.tuscany.sca.provider.PolicyProvider#getPhase()
+     */
+    public String getPhase() {
+        return Phase.REFERENCE_POLICY;
+    }
+
+}
diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationServicePolicyInterceptor.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationServicePolicyInterceptor.java
new file mode 100644
index 0000000000..f2964650ef
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationServicePolicyInterceptor.java
@@ -0,0 +1,86 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+package org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic;
+
+import java.util.Map;
+import java.util.logging.ConsoleHandler;
+import java.util.logging.Handler;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+import javax.xml.namespace.QName;
+
+import org.apache.axiom.om.util.Base64;
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.interfacedef.Operation;
+import org.apache.tuscany.sca.invocation.Interceptor;
+import org.apache.tuscany.sca.invocation.Invoker;
+import org.apache.tuscany.sca.invocation.Message;
+import org.apache.tuscany.sca.policy.Policy;
+import org.apache.tuscany.sca.policy.PolicySet;
+
+/**
+ * Policy handler to handle PolicySet related to Logging with the QName
+ * {http://tuscany.apache.org/xmlns/sca/1.0/impl/java}LoggingPolicy
+ *
+ * @version $Rev$ $Date$
+ */
+public class Axis2BasicAuthenticationServicePolicyInterceptor implements Interceptor {
+    public static final QName policySetQName = new QName(Constants.SCA10_TUSCANY_NS, "wsBasicAuthentication");
+
+    private Invoker next;
+    private Operation operation;
+    private PolicySet policySet = null;
+    private String context;
+    private Axis2BasicAuthenticationPolicy policy;
+
+    public Axis2BasicAuthenticationServicePolicyInterceptor(String context, Operation operation, PolicySet policySet) {
+        super();
+        this.operation = operation;
+        this.policySet = policySet;
+        this.context = context;
+        init();
+    }
+
+    private void init() {
+        if (policySet != null) {
+            for (Object policyObject : policySet.getPolicies()){
+                if (policyObject instanceof Axis2BasicAuthenticationPolicy){
+                    policy = (Axis2BasicAuthenticationPolicy)policyObject;
+                    break;
+                }
+            }
+        }
+    }
+
+    public Message invoke(Message msg) {
+        // TODO - We might use interceptors to do the Axis2 config
+        //        if we can change the infrastructure split the 
+        //        invoker up
+        return getNext().invoke(msg);
+    }
+
+    public Invoker getNext() {
+        return next;
+    }
+
+    public void setNext(Invoker next) {
+        this.next = next;
+    }
+}
diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationServicePolicyProvider.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationServicePolicyProvider.java
new file mode 100644
index 0000000000..9c1a9704d3
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationServicePolicyProvider.java
@@ -0,0 +1,89 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+
+package org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic;
+
+import java.util.List;
+
+import org.apache.tuscany.sca.assembly.Binding;
+import org.apache.tuscany.sca.interfacedef.Operation;
+import org.apache.tuscany.sca.invocation.Interceptor;
+import org.apache.tuscany.sca.invocation.Phase;
+import org.apache.tuscany.sca.policy.PolicySet;
+import org.apache.tuscany.sca.policy.PolicySetAttachPoint;
+import org.apache.tuscany.sca.policy.util.PolicyHandler;
+import org.apache.tuscany.sca.provider.PolicyProvider;
+import org.apache.tuscany.sca.runtime.RuntimeComponent;
+import org.apache.tuscany.sca.runtime.RuntimeComponentService;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class Axis2BasicAuthenticationServicePolicyProvider implements PolicyProvider {
+    private RuntimeComponent component;
+    private RuntimeComponentService service;
+    private Binding binding;
+
+    public Axis2BasicAuthenticationServicePolicyProvider(RuntimeComponent component, RuntimeComponentService service, Binding binding) {
+        super();
+        this.component = component;
+        this.service = service;
+        this.binding = binding;
+    }
+
+    private PolicySet findPolicySet() {
+        if (binding instanceof PolicySetAttachPoint) {
+            List<PolicySet> policySets = ((PolicySetAttachPoint)binding).getApplicablePolicySets();
+            for (PolicySet ps : policySets) {
+                for (Object p : ps.getPolicies()) {
+                    if (Axis2BasicAuthenticationPolicy.class.isInstance(p)) {
+                        return ps;
+                    }
+                }
+            }
+        }
+        return null;
+    }
+
+    private String getContext() {
+        return "component.service: " + component.getURI()
+            + "#"
+            + service.getName()
+            + "("
+            + binding.getClass().getName()
+            + ")";
+    }
+ 
+
+    /**
+     * @see org.apache.tuscany.sca.provider.PolicyProvider#createInterceptor(org.apache.tuscany.sca.interfacedef.Operation)
+     */
+    public Interceptor createInterceptor(Operation operation) {
+        PolicySet ps = findPolicySet();
+        return ps == null ? null : new Axis2BasicAuthenticationReferencePolicyInterceptor(getContext(), operation, ps);
+    }
+
+    /**
+     * @see org.apache.tuscany.sca.provider.PolicyProvider#getPhase()
+     */
+    public String getPhase() {
+        return Phase.SERVICE_POLICY;
+    }
+
+}
diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/Axis2ConfigParamPolicy.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/Axis2ConfigParamPolicy.java
new file mode 100644
index 0000000000..8d08a3f78e
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/Axis2ConfigParamPolicy.java
@@ -0,0 +1,54 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+package org.apache.tuscany.sca.binding.ws.axis2.policy.configuration;
+
+import java.util.Hashtable;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+
+import org.apache.axiom.om.OMElement;
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.policy.Policy;
+
+/**
+ * Implementation for policies that could be injected as parameter
+ * into the axis2config.
+ *
+ * @version $Rev$ $Date$
+ */
+public class Axis2ConfigParamPolicy implements Policy {
+    public static final QName NAME = new QName(Constants.SCA10_TUSCANY_NS, "wsConfigParam");
+    private Map<String, OMElement> paramElements = new Hashtable<String, OMElement>();
+    
+    public Map<String, OMElement> getParamElements() {
+        return paramElements;
+    }
+
+    public QName getSchemaName() {
+        return NAME;
+    }
+
+    public boolean isUnresolved() {
+        return false;
+    }
+
+    public void setUnresolved(boolean unresolved) {
+    }
+}
diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/Axis2ConfigParamPolicyHandler.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/Axis2ConfigParamPolicyHandler.java
new file mode 100644
index 0000000000..5ac4e3f5fd
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/Axis2ConfigParamPolicyHandler.java
@@ -0,0 +1,79 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+
+package org.apache.tuscany.sca.binding.ws.axis2.policy.configuration;
+
+import org.apache.axis2.AxisFault;
+import org.apache.axis2.context.ConfigurationContext;
+import org.apache.axis2.description.Parameter;
+import org.apache.tuscany.sca.policy.PolicySet;
+import org.apache.tuscany.sca.policy.util.PolicyHandler;
+
+
+/**
+ * Policy handler to handle PolicySet that contain Axis2ConfigParamPolicy instances
+ *
+ * @version $Rev$ $Date$
+ */
+public class Axis2ConfigParamPolicyHandler implements PolicyHandler {
+    private PolicySet applicablePolicySet = null;
+    
+    public void setUp(Object... context) {
+        Axis2ConfigParamPolicy axis2ConfigParamPolicy = null;
+        Parameter configParam = null;
+        for ( Object contextObject : context ) {
+            if ( contextObject instanceof ConfigurationContext ) {
+                ConfigurationContext configContext = (ConfigurationContext)contextObject;
+                for ( Object policy : applicablePolicySet.getPolicies() ) {
+                    if ( policy instanceof Axis2ConfigParamPolicy ) {
+                        axis2ConfigParamPolicy = (Axis2ConfigParamPolicy)policy;
+                        for ( String paramName : axis2ConfigParamPolicy.getParamElements().keySet() ) {
+                            configParam = new Parameter(paramName, 
+                                                        axis2ConfigParamPolicy.getParamElements().get(paramName).getFirstElement());
+                            configParam.setParameterElement(axis2ConfigParamPolicy.getParamElements().get(paramName));
+                            try {
+                                configContext.getAxisConfiguration().addParameter(configParam);
+                            } catch ( AxisFault e ) {
+                                throw new RuntimeException(e);
+                            }
+                        }
+                    } 
+                }
+            }
+        }
+    }
+    
+    public void cleanUp(Object... context) {
+    }
+    
+    public void beforeInvoke(Object... context) { 
+    }
+    
+    public void afterInvoke(Object... context) {
+        
+    }
+
+    public PolicySet getApplicablePolicySet() {
+        return applicablePolicySet;
+    }
+
+    public void setApplicablePolicySet(PolicySet applicablePolicySet) {
+        this.applicablePolicySet = applicablePolicySet;
+    }
+}
diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/Axis2ConfigParamPolicyProcessor.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/Axis2ConfigParamPolicyProcessor.java
new file mode 100644
index 0000000000..6478fbedad
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/Axis2ConfigParamPolicyProcessor.java
@@ -0,0 +1,157 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+package org.apache.tuscany.sca.binding.ws.axis2.policy.configuration;
+
+import static javax.xml.stream.XMLStreamConstants.END_ELEMENT;
+import static javax.xml.stream.XMLStreamConstants.START_ELEMENT;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamConstants;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
+
+import org.apache.axiom.om.OMAbstractFactory;
+import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.OMFactory;
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.contribution.ModelFactoryExtensionPoint;
+import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor;
+import org.apache.tuscany.sca.contribution.resolver.ModelResolver;
+import org.apache.tuscany.sca.contribution.service.ContributionReadException;
+import org.apache.tuscany.sca.contribution.service.ContributionResolveException;
+import org.apache.tuscany.sca.contribution.service.ContributionWriteException;
+import org.apache.tuscany.sca.monitor.Monitor;
+
+/**
+ *
+ * @version $Rev$ $Date$
+ */
+public class Axis2ConfigParamPolicyProcessor implements StAXArtifactProcessor<Axis2ConfigParamPolicy> {
+    public static final QName AXIS2_CONFIG_PARAM_POLICY_QNAME = Axis2ConfigParamPolicy.NAME;
+    public static final String PARAMETER = "parameter";
+    public QName getArtifactType() {
+        return AXIS2_CONFIG_PARAM_POLICY_QNAME;
+    }
+    
+    public Axis2ConfigParamPolicyProcessor(ModelFactoryExtensionPoint modelFactories, Monitor monitor) {
+    }
+
+    public Axis2ConfigParamPolicy read(XMLStreamReader reader) throws ContributionReadException, XMLStreamException {
+        Axis2ConfigParamPolicy policy = new Axis2ConfigParamPolicy();
+        int event = reader.getEventType();
+        QName name = null;
+        OMElement parameterElement = null;
+        String paramName = null;
+        while (reader.hasNext()) {
+            event = reader.getEventType();
+            switch (event) {
+                case START_ELEMENT : {
+                    name = reader.getName();
+                    if ( PARAMETER.equals(name.getLocalPart()) ) {
+                        paramName = reader.getAttributeValue(null, Constants.NAME);
+                        parameterElement = loadElement(reader);
+                        policy.getParamElements().put(paramName, parameterElement);
+                    }
+                    break;
+                }
+            }
+            
+            if ( event == END_ELEMENT ) {
+                if ( AXIS2_CONFIG_PARAM_POLICY_QNAME.equals(reader.getName()) ) {
+                    break;
+                } 
+            }
+            
+            //Read the next element
+            if (reader.hasNext()) {
+                reader.next();
+            }
+        }
+         
+        return policy;
+    }
+
+    public void write(Axis2ConfigParamPolicy arg0, XMLStreamWriter arg1) throws ContributionWriteException,
+                                                        XMLStreamException {
+    }
+
+    public Class<Axis2ConfigParamPolicy> getModelType() {
+        return Axis2ConfigParamPolicy.class;
+    }
+
+    public void resolve(Axis2ConfigParamPolicy arg0, ModelResolver arg1) throws ContributionResolveException {
+
+    }
+    
+    private OMElement loadElement(XMLStreamReader reader) throws XMLStreamException {
+        OMFactory fac = OMAbstractFactory.getOMFactory();
+        OMElement head = fac.createOMElement(reader.getName());
+        OMElement current = head;
+        while (true) {
+            switch (reader.next()) {
+                case XMLStreamConstants.START_ELEMENT:
+                    //since the axis2 code checks against a no namespace we need to generate accordingly
+                    QName name = new QName(reader.getName().getLocalPart());
+                    OMElement child = fac.createOMElement(name, current);
+
+                    int count = reader.getNamespaceCount();
+                    for (int i = 0; i < count; i++) {
+                        String prefix = reader.getNamespacePrefix(i);
+                        String ns = reader.getNamespaceURI(i);
+                        child.declareNamespace(ns, prefix);
+                    }
+
+                    if(!"".equals(name.getNamespaceURI())) {
+                        child.declareNamespace(name.getNamespaceURI(), name.getPrefix());
+                    }
+
+                    // add the attributes for this element
+                    count = reader.getAttributeCount();
+                    for (int i = 0; i < count; i++) {
+                        String ns = reader.getAttributeNamespace(i);
+                        String prefix = reader.getAttributePrefix(i);
+                        String qname = reader.getAttributeLocalName(i);
+                        String value = reader.getAttributeValue(i);
+                        
+                        if (ns != null) {
+                            child.addAttribute(qname, value, fac.createOMNamespace(ns, prefix));
+                            child.declareNamespace(ns, prefix);
+                        } else {
+                            child.addAttribute(qname, value, null);
+                        }
+                    }
+                    current = child;
+                    break;
+                case XMLStreamConstants.CDATA:
+                    fac.createOMText(current, reader.getText());
+                    break;
+                case XMLStreamConstants.CHARACTERS:
+                    fac.createOMText(current, reader.getText());
+                    break;
+                case XMLStreamConstants.END_ELEMENT:
+                    if ( current == head ) {
+                        return head;
+                    } else {
+                        current = (OMElement)current.getParent();
+                    }
+            }
+        }
+    }
+}
diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/Axis2ConfigParamPolicyProviderFactory.java b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/Axis2ConfigParamPolicyProviderFactory.java
new file mode 100644
index 0000000000..21261359cb
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2-policy/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/Axis2ConfigParamPolicyProviderFactory.java
@@ -0,0 +1,99 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+
+package org.apache.tuscany.sca.binding.ws.axis2.policy.configuration;
+
+import org.apache.axis2.AxisFault;
+import org.apache.axis2.context.ConfigurationContext;
+import org.apache.axis2.description.Parameter;
+import org.apache.tuscany.sca.assembly.Binding;
+import org.apache.tuscany.sca.assembly.Implementation;
+import org.apache.tuscany.sca.core.ExtensionPointRegistry;
+import org.apache.tuscany.sca.policy.PolicySet;
+import org.apache.tuscany.sca.provider.PolicyProvider;
+import org.apache.tuscany.sca.provider.PolicyProviderFactory;
+import org.apache.tuscany.sca.runtime.RuntimeComponent;
+import org.apache.tuscany.sca.runtime.RuntimeComponentReference;
+import org.apache.tuscany.sca.runtime.RuntimeComponentService;
+import org.osoa.sca.ServiceRuntimeException;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class Axis2ConfigParamPolicyProviderFactory implements PolicyProviderFactory<Axis2ConfigParamPolicy> {
+
+    public Axis2ConfigParamPolicyProviderFactory(ExtensionPointRegistry registry) {
+        super();
+    }
+
+    /**
+     * @see org.apache.tuscany.sca.provider.PolicyProviderFactory#createImplementationPolicyProvider(org.apache.tuscany.sca.runtime.RuntimeComponent, org.apache.tuscany.sca.assembly.Implementation)
+     */
+    public PolicyProvider createImplementationPolicyProvider(RuntimeComponent component, Implementation implementation) {
+        return null;
+    }
+
+    /**
+     * @see org.apache.tuscany.sca.provider.PolicyProviderFactory#createReferencePolicyProvider(org.apache.tuscany.sca.runtime.RuntimeComponent, org.apache.tuscany.sca.runtime.RuntimeComponentReference, org.apache.tuscany.sca.assembly.Binding)
+     */
+    public PolicyProvider createReferencePolicyProvider(RuntimeComponent component,
+                                                        RuntimeComponentReference reference,
+                                                        Binding binding) {
+        return null;
+    }
+
+    /**
+     * @see org.apache.tuscany.sca.provider.PolicyProviderFactory#createServicePolicyProvider(org.apache.tuscany.sca.runtime.RuntimeComponent, org.apache.tuscany.sca.runtime.RuntimeComponentService, org.apache.tuscany.sca.assembly.Binding)
+     */
+    public PolicyProvider createServicePolicyProvider(RuntimeComponent component,
+                                                      RuntimeComponentService service,
+                                                      Binding binding) {
+        return null;
+    }
+
+    /**
+     * @see org.apache.tuscany.sca.provider.ProviderFactory#getModelType()
+     */
+    public Class<Axis2ConfigParamPolicy> getModelType() {
+        return Axis2ConfigParamPolicy.class;
+    }
+
+    // FIXME: [rfeng] I think this should be refactored into the binding.ws axis2 code
+    public void setUp(ConfigurationContext configContext, PolicySet ps) {
+        Axis2ConfigParamPolicy axis2ConfigParamPolicy = null;
+        Parameter configParam = null;
+        for (Object policy : ps.getPolicies()) {
+            if (policy instanceof Axis2ConfigParamPolicy) {
+                axis2ConfigParamPolicy = (Axis2ConfigParamPolicy)policy;
+                for (String paramName : axis2ConfigParamPolicy.getParamElements().keySet()) {
+                    configParam =
+                        new Parameter(paramName, axis2ConfigParamPolicy.getParamElements().get(paramName)
+                            .getFirstElement());
+                    configParam.setParameterElement(axis2ConfigParamPolicy.getParamElements().get(paramName));
+                    try {
+                        configContext.getAxisConfiguration().addParameter(configParam);
+                    } catch (AxisFault e) {
+                        throw new ServiceRuntimeException(e);
+                    }
+                }
+            }
+        }
+    }
+
+}
diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor b/java/sca/modules/binding-ws-axis2-policy/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor
new file mode 100644
index 0000000000..7a223848fa
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2-policy/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor
@@ -0,0 +1,20 @@
+# Licensed to the Apache Software Foundation (ASF) under one

+# or more contributor license agreements.  See the NOTICE file

+# distributed with this work for additional information

+# regarding copyright ownership.  The ASF licenses this file

+# to you under the Apache License, Version 2.0 (the

+# "License"); you may not use this file except in compliance

+# with the License.  You may obtain a copy of the License at

+# 

+#   http://www.apache.org/licenses/LICENSE-2.0

+# 

+# Unless required by applicable law or agreed to in writing,

+# software distributed under the License is distributed on an

+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY

+# KIND, either express or implied.  See the License for the

+# specific language governing permissions and limitations

+# under the License. 

+

+# Implementation class for the artifact processor extension

+org.apache.tuscany.sca.binding.ws.axis2.policy.configuration.Axis2ConfigParamPolicyProcessor;qname=http://tuscany.apache.org/xmlns/sca/1.0#wsConfigParam,model=org.apache.tuscany.sca.binding.ws.axis2.policy.configuration.Axis2ConfigParamPolicy

+org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic.Axis2BasicAuthenticationPolicyProcessor;qname=http://tuscany.apache.org/xmlns/sca/1.0#axis2BasicAuthentication,model=org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic.Axis2BasicAuthenticationPolicy

diff --git a/java/sca/modules/binding-ws-axis2-policy/src/main/resources/META-INF/services/org.apache.tuscany.sca.provider.PolicyProviderFactory b/java/sca/modules/binding-ws-axis2-policy/src/main/resources/META-INF/services/org.apache.tuscany.sca.provider.PolicyProviderFactory
new file mode 100644
index 0000000000..7d7f4299f4
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2-policy/src/main/resources/META-INF/services/org.apache.tuscany.sca.provider.PolicyProviderFactory
@@ -0,0 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one

+# or more contributor license agreements.  See the NOTICE file

+# distributed with this work for additional information

+# regarding copyright ownership.  The ASF licenses this file

+# to you under the Apache License, Version 2.0 (the

+# "License"); you may not use this file except in compliance

+# with the License.  You may obtain a copy of the License at

+# 

+#   http://www.apache.org/licenses/LICENSE-2.0

+# 

+# Unless required by applicable law or agreed to in writing,

+# software distributed under the License is distributed on an

+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY

+# KIND, either express or implied.  See the License for the

+# specific language governing permissions and limitations

+# under the License. 

+

+# Implementation class for the policy extension

+org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic.Axis2BasicAuthenticationPolicyProviderFactory;model=org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic.Axis2BasicAuthenticationPolicy
\ No newline at end of file
diff --git a/java/sca/modules/binding-ws-axis2-policy/src/test/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/PolicyReadTestCase.java b/java/sca/modules/binding-ws-axis2-policy/src/test/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/PolicyReadTestCase.java
new file mode 100644
index 0000000000..cf14e54b5f
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2-policy/src/test/java/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/PolicyReadTestCase.java
@@ -0,0 +1,60 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.tuscany.sca.binding.ws.axis2.policy.configuration;
+
+
+import java.io.InputStream;
+import java.net.URL;
+
+import javax.xml.stream.XMLInputFactory;
+import javax.xml.stream.XMLStreamReader;
+
+import org.apache.tuscany.sca.binding.ws.axis2.policy.configuration.Axis2ConfigParamPolicy;
+import org.apache.tuscany.sca.contribution.processor.ExtensibleStAXArtifactProcessor;
+import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor;
+import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessorExtensionPoint;
+import org.apache.tuscany.sca.core.DefaultExtensionPointRegistry;
+import org.apache.tuscany.sca.core.ExtensionPointRegistry;
+
+import junit.framework.TestCase;
+
+/**
+ * 
+ * Test the reading of ws config params policy.
+ *
+ * @version $Rev$ $Date$
+ */
+public class PolicyReadTestCase extends TestCase {
+
+    public void testPolicyReading() throws Exception {
+        ExtensionPointRegistry extensionPoints = new DefaultExtensionPointRegistry();
+        StAXArtifactProcessorExtensionPoint staxProcessors = extensionPoints.getExtensionPoint(StAXArtifactProcessorExtensionPoint.class);
+        XMLInputFactory inputFactory = XMLInputFactory.newInstance();
+        StAXArtifactProcessor<Object> staxProcessor = new ExtensibleStAXArtifactProcessor(staxProcessors, inputFactory, null, null);
+        
+        URL url = getClass().getResource("mock_policies.xml");
+        
+        InputStream urlStream = url.openStream();
+        XMLStreamReader reader = inputFactory.createXMLStreamReader(urlStream);
+        
+        Axis2ConfigParamPolicy policy = (Axis2ConfigParamPolicy)staxProcessor.read(reader);
+        assertEquals(policy.getParamElements().size(), 2);
+    }
+
+}
diff --git a/java/sca/modules/binding-ws-axis2-policy/src/test/resources/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/mock_policies.xml b/java/sca/modules/binding-ws-axis2-policy/src/test/resources/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/mock_policies.xml
new file mode 100644
index 0000000000..77f750cd0d
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2-policy/src/test/resources/org/apache/tuscany/sca/binding/ws/axis2/policy/configuration/mock_policies.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="ASCII"?>
+<!--
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+-->
+<tuscany:wsConfigParam xmlns:tuscany="http://tuscany.apache.org/xmlns/sca/1.0">
+ 		<parameter name="InflowSecurity">
+		    <action>
+		        <items>Timestamp Signature</items>
+		        <signaturePropFile>org/apache/tuscany/sca/binding/ws/axis2/itests/policy/security.properties</signaturePropFile>
+		    </action>
+		</parameter>
+ 		<parameter name="OutflowSecurity">
+      		<action>
+        		<items>Timestamp Signature</items>
+        		<user>TuscanyWsUser</user>
+        		<signaturePropFile>org/apache/tuscany/sca/binding/ws/axis2/itests/policy/security.properties</signaturePropFile>
+        		<passwordCallbackClass>org.apache.tuscany.sca.binding.ws.axis2.itests.policy.IntegrityPWCBHandler</passwordCallbackClass>" +
+        		<signatureKeyIdentifier>DirectReference</signatureKeyIdentifier>
+      		</action>
+    	</parameter>
+</tuscany:wsConfigParam>
\ No newline at end of file
diff --git a/java/sca/modules/binding-ws-axis2/pom.xml b/java/sca/modules/binding-ws-axis2/pom.xml
index af84fe2d2c..c0a5fe8465 100644
--- a/java/sca/modules/binding-ws-axis2/pom.xml
+++ b/java/sca/modules/binding-ws-axis2/pom.xml
@@ -95,11 +95,11 @@
             <version>1.4-SNAPSHOT</version>
         </dependency>
 
-        <dependency>
+        <!-- dependency>
             <groupId>org.apache.tuscany.sca</groupId>
-            <artifactId>tuscany-policy-security-ws</artifactId>
+            <artifactId>tuscany-binding-ws-axis2-policy</artifactId>
             <version>1.4-SNAPSHOT</version>
-        </dependency>
+        </dependency-->
 
         <dependency>
             <groupId>org.apache.axis2</groupId>
diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2BindingInvoker.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2BindingInvoker.java
index b01707d93e..81db43c701 100644
--- a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2BindingInvoker.java
+++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2BindingInvoker.java
@@ -40,10 +40,15 @@ import org.apache.axis2.context.MessageContext;
 import org.apache.axis2.transport.http.HTTPConstants;
 import org.apache.axis2.wsdl.WSDLConstants;
 import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.binding.ws.WebServiceBinding;
+import org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic.Axis2BasicAuthenticationReferenceBindingConfigurator;
 import org.apache.tuscany.sca.interfacedef.util.FaultException;
 import org.apache.tuscany.sca.invocation.DataExchangeSemantics;
 import org.apache.tuscany.sca.invocation.Invoker;
 import org.apache.tuscany.sca.invocation.Message;
+import org.apache.tuscany.sca.policy.PolicySet;
+import org.apache.tuscany.sca.policy.PolicySetAttachPoint;
+import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPolicy;
 import org.apache.tuscany.sca.policy.util.PolicyHandler;
 import org.apache.tuscany.sca.runtime.ReferenceParameters;
 
@@ -54,48 +59,57 @@ import org.apache.tuscany.sca.runtime.ReferenceParameters;
  */
 public class Axis2BindingInvoker implements Invoker, DataExchangeSemantics {
 
-    private Axis2ServiceClient serviceClient;
-    private QName wsdlOperationName;
-    private Options options;
-    private SOAPFactory soapFactory;
-
     public static final QName QNAME_WSA_FROM =
         new QName(AddressingConstants.Final.WSA_NAMESPACE, AddressingConstants.WSA_FROM,
                   AddressingConstants.WSA_DEFAULT_PREFIX);
-
     public static final String TUSCANY_PREFIX = "tuscany";
     public static final QName CALLBACK_ID_REFPARM_QN =
         new QName(Constants.SCA10_TUSCANY_NS, "CallbackID", TUSCANY_PREFIX);
     public static final QName CONVERSATION_ID_REFPARM_QN =
         new QName(Constants.SCA10_TUSCANY_NS, "ConversationID", TUSCANY_PREFIX);
     
+    private Axis2ServiceClient serviceClient;
+    private QName wsdlOperationName;
+    private Options options;
+    private SOAPFactory soapFactory;    
     private List<PolicyHandler> policyHandlerList = null;
+    private WebServiceBinding wsBinding;
+    private BasicAuthenticationPolicy basicAuthenticationPolicy = null;
 
     public Axis2BindingInvoker(Axis2ServiceClient serviceClient,
                                QName wsdlOperationName,
                                Options options,
                                SOAPFactory soapFactory,
-                               List<PolicyHandler> policyHandlerList) {
+                               List<PolicyHandler> policyHandlerList,
+                               WebServiceBinding wsBinding) {
         this.serviceClient = serviceClient;
         this.wsdlOperationName = wsdlOperationName;
         this.options = options;
         this.soapFactory = soapFactory;
         this.policyHandlerList = policyHandlerList;
+        this.wsBinding = wsBinding;
+        
+        // find out which policies are active
+        if (wsBinding instanceof PolicySetAttachPoint) {
+            List<PolicySet> policySets = ((PolicySetAttachPoint)wsBinding).getApplicablePolicySets();
+            for (PolicySet ps : policySets) {
+                for (Object p : ps.getPolicies()) {
+                    if (BasicAuthenticationPolicy.class.isInstance(p)) {
+                        basicAuthenticationPolicy = (BasicAuthenticationPolicy)p;
+                    } else {
+                        // etc. check for other types of policy being present
+                    }
+                }
+            }
+        }
     }
 
     private static final QName EXCEPTION = new QName("", "Exception");
     
     public Message invoke(Message msg) {
         try {
-            for ( PolicyHandler policyHandler : policyHandlerList ) {
-                policyHandler.beforeInvoke(msg);
-            }
-            
             Object resp = invokeTarget(msg);
-            
-            for ( PolicyHandler policyHandler : policyHandlerList ) {
-                policyHandler.afterInvoke(msg);
-            }
+           
             msg.setBody(resp);
         } catch (AxisFault e) {
             if (e.getDetail() != null ) {
@@ -120,6 +134,14 @@ public class Axis2BindingInvoker implements Invoker, DataExchangeSemantics {
         requestMC.getOptions().setProperty(HTTPConstants.REUSE_HTTP_CLIENT, Boolean.TRUE);
         requestMC.getOptions().setTimeOutInMilliSeconds(240000L);
 
+        for ( PolicyHandler policyHandler : policyHandlerList ) {
+            policyHandler.beforeInvoke(msg, requestMC, operationClient);
+        }
+        
+        if (basicAuthenticationPolicy != null) {
+            Axis2BasicAuthenticationReferenceBindingConfigurator.setOperationOptions(operationClient, msg, basicAuthenticationPolicy);
+        }
+        
         // Allow privileged access to read properties. Requires PropertiesPermission read in
         // security policy.
         try {
@@ -135,7 +157,11 @@ public class Axis2BindingInvoker implements Invoker, DataExchangeSemantics {
         }
 
         MessageContext responseMC = operationClient.getMessageContext(WSDLConstants.MESSAGE_LABEL_IN_VALUE);
-
+        
+        for ( PolicyHandler policyHandler : policyHandlerList ) {
+            policyHandler.afterInvoke(msg, responseMC, operationClient);
+        }
+        
         OMElement response = responseMC.getEnvelope().getBody().getFirstElement();
 
         // FIXME: [rfeng] We have to pay performance penalty to build the complete OM as the operationClient.complete() will
diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2OneWayBindingInvoker.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2OneWayBindingInvoker.java
index 7ea5d65ce9..f8d0cf55b0 100644
--- a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2OneWayBindingInvoker.java
+++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2OneWayBindingInvoker.java
@@ -29,6 +29,7 @@ import org.apache.axis2.client.Options;
 import org.apache.axis2.context.MessageContext;
 import org.apache.axis2.transport.http.HTTPConstants;
 import org.apache.axis2.wsdl.WSDLConstants;
+import org.apache.tuscany.sca.binding.ws.WebServiceBinding;
 import org.apache.tuscany.sca.invocation.Message;
 import org.apache.tuscany.sca.policy.util.PolicyHandler;
 
@@ -43,9 +44,10 @@ public class Axis2OneWayBindingInvoker extends Axis2BindingInvoker {
                                      QName wsdlOperationName,
                                      Options options,
                                      SOAPFactory soapFactory,
-                                     List<PolicyHandler> policyHandlerList) {
+                                     List<PolicyHandler> policyHandlerList,
+                                     WebServiceBinding wsBinding) {
 
-        super(serviceClient, wsdlOperationName, options, soapFactory, policyHandlerList);
+        super(serviceClient, wsdlOperationName, options, soapFactory, policyHandlerList, wsBinding);
     }
 
     @Override
diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceClient.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceClient.java
index 7df88a6b1f..438e989d85 100644
--- a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceClient.java
+++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceClient.java
@@ -78,7 +78,10 @@ import org.apache.tuscany.sca.policy.security.ws.Axis2ConfigParamPolicy;
 import org.apache.tuscany.sca.policy.util.PolicyHandler;
 import org.apache.tuscany.sca.policy.util.PolicyHandlerTuple;
 import org.apache.tuscany.sca.policy.util.PolicyHandlerUtils;
+import org.apache.tuscany.sca.provider.PolicyProvider;
 import org.apache.tuscany.sca.runtime.RuntimeComponent;
+import org.apache.tuscany.sca.runtime.RuntimeComponentReference;
+import org.apache.tuscany.sca.runtime.RuntimeComponentService;
 import org.apache.tuscany.sca.xsd.xml.XMLDocumentHelper;
 import org.apache.ws.commons.schema.resolver.URIResolver;
 import org.osoa.sca.ServiceRuntimeException;
@@ -374,9 +377,9 @@ public class Axis2ServiceClient {
         }
         Axis2BindingInvoker invoker;
         if (operation.isNonBlocking()) {
-            invoker = new Axis2OneWayBindingInvoker(this, wsdlOperationQName, options, soapFactory, policyHandlerList);
+            invoker = new Axis2OneWayBindingInvoker(this, wsdlOperationQName, options, soapFactory, policyHandlerList, wsBinding);
         } else {
-            invoker = new Axis2BindingInvoker(this, wsdlOperationQName, options, soapFactory, policyHandlerList);
+            invoker = new Axis2BindingInvoker(this, wsdlOperationQName, options, soapFactory, policyHandlerList, wsBinding);
         }
         
         return invoker;
@@ -475,6 +478,19 @@ public class Axis2ServiceClient {
                     policyHandlerList.add(policyHandler);
                 }
             }
+            
+            // code to create policy handlers using the new policy SPI based
+            // on policy providers
+/*            
+            List<PolicyProvider> policyProviders = ((RuntimeComponentReference)contract).getPolicyProviders(wsBinding);
+            
+            for (PolicyProvider policyProvider : policyProviders){
+                policyHandler = policyProvider.createHandler();
+                if (policyHandler != null) {
+                    policyHandlerList.add(policyHandler);
+                } 
+            }
+*/             
         }
     }
 
diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceInMessageReceiver.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceInMessageReceiver.java
index 3b188b0176..a0cfab9154 100644
--- a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceInMessageReceiver.java
+++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceInMessageReceiver.java
@@ -51,15 +51,19 @@ public class Axis2ServiceInMessageReceiver extends AbstractInMessageReceiver {
             OMElement requestOM = inMC.getEnvelope().getBody().getFirstElement();
             Object[] args = new Object[] {requestOM};
             
+            /*
             for ( PolicyHandler policyHandler : policyHandlerList ) {
                 policyHandler.beforeInvoke(operation, args, inMC);
             }
+            */
             
             provider.invokeTarget(operation, args, inMC);
             
+            /*
             for ( PolicyHandler policyHandler : policyHandlerList ) {
                 policyHandler.afterInvoke(operation, args, inMC);
             }
+            */
 
         } catch (InvocationTargetException e) {
             Throwable t = e.getCause();
diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceInOutSyncMessageReceiver.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceInOutSyncMessageReceiver.java
index 20930666b1..d467e0b3c8 100644
--- a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceInOutSyncMessageReceiver.java
+++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceInOutSyncMessageReceiver.java
@@ -61,15 +61,19 @@ public class Axis2ServiceInOutSyncMessageReceiver extends AbstractInOutSyncMessa
             	args = new Object[] {requestOM};
             }
             
+            /*
             for ( PolicyHandler policyHandler : policyHandlerList ) {
                 policyHandler.beforeInvoke(operation, args, inMC);
             }
+            */
             
             OMElement responseOM = (OMElement)provider.invokeTarget(operation, args, inMC);
             
+            /*
             for ( PolicyHandler policyHandler : policyHandlerList ) {
                 policyHandler.afterInvoke(operation, args, inMC, responseOM);
             }
+            */
 
             SOAPEnvelope soapEnvelope = getSOAPFactory(inMC).getDefaultEnvelope();
             if (null != responseOM ) {
diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java
index cc6742f966..01eddb89d1 100644
--- a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java
+++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/Axis2ServiceProvider.java
@@ -74,6 +74,7 @@ import org.apache.tuscany.sca.assembly.AbstractContract;
 import org.apache.tuscany.sca.assembly.Binding;
 import org.apache.tuscany.sca.binding.ws.WebServiceBinding;
 import org.apache.tuscany.sca.binding.ws.axis2.Axis2ServiceClient.URIResolverImpl;
+import org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic.Axis2BasicAuthenticationServiceBindingConfigurator;
 import org.apache.tuscany.sca.core.assembly.EndpointReferenceImpl;
 import org.apache.tuscany.sca.host.http.ServletHost;
 import org.apache.tuscany.sca.interfacedef.Interface;
@@ -84,10 +85,12 @@ import org.apache.tuscany.sca.invocation.Message;
 import org.apache.tuscany.sca.invocation.MessageFactory;
 import org.apache.tuscany.sca.policy.PolicySet;
 import org.apache.tuscany.sca.policy.PolicySetAttachPoint;
+import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPolicy;
 import org.apache.tuscany.sca.policy.security.ws.Axis2ConfigParamPolicy;
 import org.apache.tuscany.sca.policy.util.PolicyHandler;
 import org.apache.tuscany.sca.policy.util.PolicyHandlerTuple;
 import org.apache.tuscany.sca.policy.util.PolicyHandlerUtils;
+import org.apache.tuscany.sca.provider.PolicyProvider;
 import org.apache.tuscany.sca.runtime.EndpointReference;
 import org.apache.tuscany.sca.runtime.ReferenceParameters;
 import org.apache.tuscany.sca.runtime.RuntimeComponent;
@@ -123,6 +126,7 @@ public class Axis2ServiceProvider {
     private List<PolicyHandlerTuple> policyHandlerClassnames = null;
     private List<PolicyHandler> policyHandlerList = new ArrayList<PolicyHandler>();
     private Map<String, Port> urlMap = new HashMap<String, Port>();
+    private BasicAuthenticationPolicy basicAuthenticationPolicy = null;
 
     public static final QName QNAME_WSA_ADDRESS =
         new QName(AddressingConstants.Final.WSA_NAMESPACE, AddressingConstants.EPR_ADDRESS);
@@ -195,6 +199,20 @@ public class Axis2ServiceProvider {
             setPortAddress((Port)port, endpointURI);
             urlMap.put(endpointURI, (Port)port);
         }
+        
+        // find out which policies are active
+        if (wsBinding instanceof PolicySetAttachPoint) {
+            List<PolicySet> policySets = ((PolicySetAttachPoint)wsBinding).getApplicablePolicySets();
+            for (PolicySet ps : policySets) {
+                for (Object p : ps.getPolicies()) {
+                    if (BasicAuthenticationPolicy.class.isInstance(p)) {
+                        basicAuthenticationPolicy = (BasicAuthenticationPolicy)p;
+                    } else {
+                        // etc. check for other types of policy being present
+                    }
+                }
+            }
+        }        
     }
 
     static String getPortAddress(Port port) {
@@ -682,9 +700,23 @@ public class Axis2ServiceProvider {
             parameters.setConversationID(conversationID);
         }
 
+        for ( PolicyHandler policyHandler : policyHandlerList ) {
+            policyHandler.beforeInvoke(msg, inMC);
+        }
+                
+        if (basicAuthenticationPolicy != null) {
+            Axis2BasicAuthenticationServiceBindingConfigurator.parseHTTPHeader(inMC, msg, basicAuthenticationPolicy);
+        }
+        
         // find the runtime wire and invoke it with the message
         RuntimeWire wire = ((RuntimeComponentService)contract).getRuntimeWire(getBinding());
-        return wire.invoke(op, msg);
+        Object response =  wire.invoke(op, msg);
+        
+        for ( PolicyHandler policyHandler : policyHandlerList ) {
+            policyHandler.afterInvoke(response, inMC);
+        }        
+        
+        return response;
     }
 
     public boolean isConversational() {
@@ -713,17 +745,31 @@ public class Axis2ServiceProvider {
         if (wsBinding instanceof PolicySetAttachPoint) {
             PolicySetAttachPoint policiedBinding = (PolicySetAttachPoint)wsBinding;
             PolicyHandler policyHandler = null;
+            
             for (PolicySet policySet : policiedBinding.getPolicySets()) {
                 policyHandler =
                     PolicyHandlerUtils.findPolicyHandler(policySet, policyHandlerClassnames);
+                
                 if (policyHandler != null) {
                     policyHandler.setApplicablePolicySet(policySet);
                     policyHandlerList.add(policyHandler);
-                }
+                } 
             }
+            
+            // code to create policy handlers using a policy SPI based
+            // on policy providers
+/*            
+            List<PolicyProvider> policyProviders = ((RuntimeComponentService)contract).getPolicyProviders(wsBinding);
+            
+            for (PolicyProvider policyProvider : policyProviders){
+                policyHandler = policyProvider.createHandler();
+                if (policyHandler != null) {
+                    policyHandlerList.add(policyHandler);
+                } 
+            }
+*/           
         }
-    }
-     
+    }      
     
     private void fillQoSContext(Message message, MessageContext axis2MsgCtx) {
         if ( axis2MsgCtx.getProperty(WSHandlerConstants.RECV_RESULTS) != null &&
diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationReferenceBindingConfigurator.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationReferenceBindingConfigurator.java
new file mode 100644
index 0000000000..2bc6bff3c7
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationReferenceBindingConfigurator.java
@@ -0,0 +1,86 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+
+package org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic;
+
+import java.security.Principal;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.axis2.AxisFault;
+import org.apache.axis2.client.OperationClient;
+import org.apache.axis2.client.ServiceClient;
+import org.apache.axis2.context.ConfigurationContext;
+import org.apache.axis2.context.MessageContext;
+import org.apache.axis2.description.Parameter;
+import org.apache.axis2.transport.http.HTTPConstants;
+import org.apache.axis2.transport.http.HttpTransportProperties;
+import org.apache.axis2.transport.http.HttpTransportProperties.Authenticator;
+import org.apache.tuscany.sca.invocation.Message;
+import org.apache.tuscany.sca.policy.Policy;
+import org.apache.tuscany.sca.policy.PolicySet;
+import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPolicy;
+import org.osoa.sca.ServiceRuntimeException;
+
+/**
+ * Policy handler to handle PolicySet that contain Axis2ConfigParamPolicy instances
+ *
+ * @version $Rev$ $Date$
+ */
+public class Axis2BasicAuthenticationReferenceBindingConfigurator {
+    
+    
+    public static void setOperationOptions(OperationClient operationClient, Message msg, BasicAuthenticationPolicy policy) {
+        
+        // get security context
+        String securityPrincipal = (String)msg.getQoSContext().get(Message.QOS_CTX_SECURITY_PRINCIPAL);
+        String username = null;
+        String password = null;
+        
+        // could use the security principal to look up basic auth credentials
+        if (  securityPrincipal != null ) {
+            // look up usename and password based on security principal
+        } else {
+           // take the message username and password
+            username = (String)msg.getQoSContext().get(BasicAuthenticationPolicy.BASIC_AUTHENTICATION_USERNAME);
+            password = (String)msg.getQoSContext().get(BasicAuthenticationPolicy.BASIC_AUTHENTICATION_PASSWORD);
+            
+            if (username == null){
+                username = policy.getUserName();
+                password = policy.getPassword();
+            }
+        }
+        
+        if (username == null || password == null ){
+            throw new ServiceRuntimeException("Basic authenication username or password is null");
+        }
+        
+        HttpTransportProperties.Authenticator authenticator = new HttpTransportProperties.Authenticator();
+        List<String> auth = new ArrayList<String>();
+        auth.add(Authenticator.BASIC);
+        authenticator.setAuthSchemes(auth);
+        authenticator.setPreemptiveAuthentication(true);
+        authenticator.setUsername(username);
+        authenticator.setPassword(password);
+    
+        operationClient.getOptions().setProperty(HTTPConstants.AUTHENTICATE,
+                                                 authenticator);
+    }
+
+}
diff --git a/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationServiceBindingConfigurator.java b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationServiceBindingConfigurator.java
new file mode 100644
index 0000000000..6d311faec5
--- /dev/null
+++ b/java/sca/modules/binding-ws-axis2/src/main/java/org/apache/tuscany/sca/binding/ws/axis2/policy/authentication/basic/Axis2BasicAuthenticationServiceBindingConfigurator.java
@@ -0,0 +1,86 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+
+package org.apache.tuscany.sca.binding.ws.axis2.policy.authentication.basic;
+
+import java.security.Principal;
+import java.util.Map;
+
+import org.apache.axiom.om.util.Base64;
+import org.apache.axis2.AxisFault;
+import org.apache.axis2.client.OperationClient;
+import org.apache.axis2.client.ServiceClient;
+import org.apache.axis2.context.ConfigurationContext;
+import org.apache.axis2.context.MessageContext;
+import org.apache.axis2.description.Parameter;
+import org.apache.tuscany.sca.invocation.Message;
+import org.apache.tuscany.sca.policy.PolicySet;
+import org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPolicy;
+import org.apache.tuscany.sca.policy.util.PolicyHandler;
+
+/**
+ * Deal with basic authentication configuration at the service
+ *
+ * @version $Rev$ $Date$
+ */
+public class Axis2BasicAuthenticationServiceBindingConfigurator {
+        
+    public static void parseHTTPHeader(MessageContext messageContext, Message msg, BasicAuthenticationPolicy policy) {
+          
+        Map httpHeaderProperties = (Map)messageContext.getProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS);
+                         
+        String basicAuthString = (String)httpHeaderProperties.get("Authorization");
+        String decodedBasicAuthString = null;
+        String username = null;
+        String password = null;
+        
+        if (basicAuthString != null) {
+            basicAuthString = basicAuthString.trim();
+            
+            if (basicAuthString.startsWith("Basic ")) {
+                decodedBasicAuthString = new String(Base64.decode(basicAuthString.substring(6)));
+            }
+            
+            int collonIndex = decodedBasicAuthString.indexOf(':');
+            
+            if (collonIndex == -1){
+                username = decodedBasicAuthString;
+            } else {
+                username = decodedBasicAuthString.substring(0, collonIndex);
+                password = decodedBasicAuthString.substring(collonIndex + 1);
+            }
+        }
+        
+        // set the security context. 
+        msg.getQoSContext().put(BasicAuthenticationPolicy.BASIC_AUTHENTICATION_USERNAME,
+                                username);
+        msg.getQoSContext().put(BasicAuthenticationPolicy.BASIC_AUTHENTICATION_PASSWORD,
+                                password);
+
+        // Set the http headers
+        // This is just an experiment, looking at the alternatives to extracting
+        // username and password in the binding. With HTTP headers in the message it
+        // could be deferred to the interceptor. Asymetric though when compared with the
+        // reference support. 
+        // how to defined the scheme for message headers?
+        msg.getHeader().put("httpheaders", httpHeaderProperties); 
+    }    
+    
+    
+}
diff --git a/java/sca/modules/core-spi/src/main/java/org/apache/tuscany/sca/invocation/Message.java b/java/sca/modules/core-spi/src/main/java/org/apache/tuscany/sca/invocation/Message.java
index 4c27c8b06f..a727693132 100644
--- a/java/sca/modules/core-spi/src/main/java/org/apache/tuscany/sca/invocation/Message.java
+++ b/java/sca/modules/core-spi/src/main/java/org/apache/tuscany/sca/invocation/Message.java
@@ -114,4 +114,11 @@ public interface Message {
      * @return
      */
     Map<String, Object> getQoSContext();
+    
+    /** 
+     * Returns a map of objects that are contained in the message header
+     * 
+     * @return
+     */
+    Map<String, Object> getHeader();
 }
diff --git a/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/assembly/RuntimeWireImpl.java b/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/assembly/RuntimeWireImpl.java
index c67ead43e9..58109fd86b 100644
--- a/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/assembly/RuntimeWireImpl.java
+++ b/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/assembly/RuntimeWireImpl.java
@@ -185,6 +185,7 @@ public class RuntimeWireImpl implements RuntimeWire {
                 if (operation.isNonBlocking()) {
                     addNonBlockingInterceptor(service, serviceBinding, chain);
                 }
+                addServiceBindingInterceptor(service, serviceBinding, chain, operation);
                 addImplementationInterceptor(serviceComponent, service, chain, targetOperation);
                 chains.add(chain);
             }
@@ -249,7 +250,7 @@ public class RuntimeWireImpl implements RuntimeWire {
      * @param chain
      * @param operation
      */
-    private void addServiceBindingInterceptor(ComponentReference service,
+    private void addServiceBindingInterceptor(ComponentService service,
                                               Binding binding,
                                               InvocationChain chain,
                                               Operation operation) {
diff --git a/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/MessageImpl.java b/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/MessageImpl.java
index b5b41b9d00..7d7fc583c3 100644
--- a/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/MessageImpl.java
+++ b/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/MessageImpl.java
@@ -32,6 +32,7 @@ import org.apache.tuscany.sca.runtime.EndpointReference;
  * @version $Rev $Date$
  */
 public class MessageImpl implements Message { 
+    private Map<String, Object> header = new Hashtable<String, Object>();
     private Object body;
     private Object messageID;
     private boolean isFault;
@@ -100,5 +101,9 @@ public class MessageImpl implements Message {
     public Map<String, Object> getQoSContext() {
         return qosContext;
     }
+    
+    public Map<String, Object> getHeader() {
+        return qosContext;
+    }    
 
 }
diff --git a/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/NonBlockingInterceptor.java b/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/NonBlockingInterceptor.java
index e83f9e64f9..60f90fb6b5 100644
--- a/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/NonBlockingInterceptor.java
+++ b/java/sca/modules/core/src/main/java/org/apache/tuscany/sca/core/invocation/NonBlockingInterceptor.java
@@ -185,6 +185,10 @@ public class NonBlockingInterceptor implements Interceptor {
         public Map<String, Object> getQoSContext() {
             return null;
         }
+        
+        public Map<String, Object> getHeader() {
+            return null;
+        }        
     }
 
 }
diff --git a/java/sca/modules/implementation-notification/src/main/java/org/apache/tuscany/sca/implementation/notification/ImmutableMessage.java b/java/sca/modules/implementation-notification/src/main/java/org/apache/tuscany/sca/implementation/notification/ImmutableMessage.java
index 776782ace3..6941a0b5f2 100644
--- a/java/sca/modules/implementation-notification/src/main/java/org/apache/tuscany/sca/implementation/notification/ImmutableMessage.java
+++ b/java/sca/modules/implementation-notification/src/main/java/org/apache/tuscany/sca/implementation/notification/ImmutableMessage.java
@@ -90,7 +90,10 @@ public class ImmutableMessage implements Message {
     }

 

     public Map<String, Object> getQoSContext() {

-        // TODO Auto-generated method stub

+        return null;

+    }

+    

+    public Map<String, Object> getHeader() {

         return null;

     }

 

diff --git a/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationPolicy.java b/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationPolicy.java
new file mode 100644
index 0000000000..14bff2dca6
--- /dev/null
+++ b/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationPolicy.java
@@ -0,0 +1,66 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+package org.apache.tuscany.sca.policy.authentication.basic;
+
+import javax.xml.namespace.QName;
+
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.policy.Policy;
+
+/**
+ * Implementation for policies that could be injected as parameter
+ * into the axis2config.
+ *
+ * @version $Rev$ $Date$
+ */
+public class BasicAuthenticationPolicy implements Policy {
+    public static final QName BASIC_AUTHENTICATION_POLICY_QNAME = new QName(Constants.SCA10_TUSCANY_NS, "basicAuthentication");
+    public static final String BASIC_AUTHENTICATION_USERNAME = "username";
+    public static final String BASIC_AUTHENTICATION_PASSWORD = "password";
+
+    private String userName;
+    private String password;
+    
+    public String getUserName() {
+        return userName;
+    }
+    
+    public void setUserName(String userName) {
+        this.userName = userName;
+    }
+    
+    public String getPassword() {
+        return password;
+    }
+    
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    public QName getSchemaName() {
+        return BASIC_AUTHENTICATION_POLICY_QNAME;
+    }
+
+    public boolean isUnresolved() {
+        return false;
+    }
+
+    public void setUnresolved(boolean unresolved) {
+    }
+}
diff --git a/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationPolicyProcessor.java b/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationPolicyProcessor.java
new file mode 100644
index 0000000000..082dfc9fdb
--- /dev/null
+++ b/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationPolicyProcessor.java
@@ -0,0 +1,129 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+package org.apache.tuscany.sca.policy.authentication.basic;
+
+import static javax.xml.stream.XMLStreamConstants.END_ELEMENT;
+import static javax.xml.stream.XMLStreamConstants.START_ELEMENT;
+
+import java.util.logging.Level;
+
+import javax.xml.namespace.QName;
+import javax.xml.stream.XMLStreamException;
+import javax.xml.stream.XMLStreamReader;
+import javax.xml.stream.XMLStreamWriter;
+
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.contribution.ModelFactoryExtensionPoint;
+import org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor;
+import org.apache.tuscany.sca.contribution.resolver.ModelResolver;
+import org.apache.tuscany.sca.contribution.service.ContributionReadException;
+import org.apache.tuscany.sca.contribution.service.ContributionResolveException;
+import org.apache.tuscany.sca.contribution.service.ContributionWriteException;
+import org.apache.tuscany.sca.monitor.Monitor;
+
+/**
+ *
+ * @version $Rev$ $Date$
+ */
+public class BasicAuthenticationPolicyProcessor implements StAXArtifactProcessor<BasicAuthenticationPolicy> {
+    
+    private static final String USER_NAME = "userName";
+    private static final String PASSWORD = "password";
+
+    
+    public QName getArtifactType() {
+        return BasicAuthenticationPolicy.BASIC_AUTHENTICATION_POLICY_QNAME;
+    }
+    
+    public BasicAuthenticationPolicyProcessor(ModelFactoryExtensionPoint modelFactories, Monitor monitor) {
+    }
+
+    
+    public BasicAuthenticationPolicy read(XMLStreamReader reader) throws ContributionReadException, XMLStreamException {
+        BasicAuthenticationPolicy policy = new BasicAuthenticationPolicy();
+        int event = reader.getEventType();
+        QName name = null;
+        
+        while (reader.hasNext()) {
+            event = reader.getEventType();
+            switch (event) {
+                case START_ELEMENT : {
+                    name = reader.getName();
+                    if ( name.equals(getArtifactType()) ) {
+                        // no attributes at the moment
+                    } else if ( USER_NAME.equals(name.getLocalPart()) ) {
+                        policy.setUserName(reader.getElementText());
+                    } else if ( PASSWORD.equals(name.getLocalPart()) ) {
+                        policy.setPassword(reader.getElementText());
+                    }
+                    break;
+                }
+            }
+            
+            if ( event == END_ELEMENT ) {
+                if ( getArtifactType().equals(reader.getName()) ) {
+                    break;
+                } 
+            }
+            
+            //Read the next element
+            if (reader.hasNext()) {
+                reader.next();
+            }
+        }
+         
+        return policy;
+    }
+
+    public void write(BasicAuthenticationPolicy policy, XMLStreamWriter writer) 
+        throws ContributionWriteException, XMLStreamException {
+        String prefix = "tuscany";
+        writer.writeStartElement(prefix, 
+                                 getArtifactType().getLocalPart(),
+                                 getArtifactType().getNamespaceURI());
+        writer.writeNamespace("tuscany", Constants.SCA10_TUSCANY_NS);
+
+        if ( policy.getUserName() != null ) {
+            writer.writeStartElement(prefix, 
+                                     USER_NAME,
+                                     getArtifactType().getNamespaceURI());
+            writer.writeCharacters(policy.getUserName());
+            writer.writeEndElement();
+        }
+        
+        if ( policy.getPassword() != null ) {
+            writer.writeStartElement(prefix, 
+                                     PASSWORD,
+                                     getArtifactType().getNamespaceURI());
+            writer.writeCharacters(policy.getPassword());
+            writer.writeEndElement();
+        }        
+        
+        writer.writeEndElement();
+    }
+
+    public Class<BasicAuthenticationPolicy> getModelType() {
+        return BasicAuthenticationPolicy.class;
+    }
+
+    public void resolve(BasicAuthenticationPolicy arg0, ModelResolver arg1) throws ContributionResolveException {
+
+    }
+    
+}
diff --git a/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationPolicyProviderFactory.java b/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationPolicyProviderFactory.java
new file mode 100644
index 0000000000..348934bd6c
--- /dev/null
+++ b/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationPolicyProviderFactory.java
@@ -0,0 +1,75 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+
+package org.apache.tuscany.sca.policy.authentication.basic;
+
+import org.apache.tuscany.sca.assembly.Binding;
+import org.apache.tuscany.sca.assembly.Implementation;
+import org.apache.tuscany.sca.core.ExtensionPointRegistry;
+import org.apache.tuscany.sca.provider.PolicyProvider;
+import org.apache.tuscany.sca.provider.PolicyProviderFactory;
+import org.apache.tuscany.sca.runtime.RuntimeComponent;
+import org.apache.tuscany.sca.runtime.RuntimeComponentReference;
+import org.apache.tuscany.sca.runtime.RuntimeComponentService;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class BasicAuthenticationPolicyProviderFactory implements PolicyProviderFactory<BasicAuthenticationPolicy> {
+    private ExtensionPointRegistry registry;
+    
+    public BasicAuthenticationPolicyProviderFactory(ExtensionPointRegistry registry) {
+        super();
+        this.registry = registry;
+    }
+
+    /**
+     * @see org.apache.tuscany.sca.provider.PolicyProviderFactory#createImplementationPolicyProvider(org.apache.tuscany.sca.runtime.RuntimeComponent, org.apache.tuscany.sca.assembly.Implementation)
+     */
+    public PolicyProvider createImplementationPolicyProvider(RuntimeComponent component, Implementation implementation) {
+        return null;//new BasicAuthenticationImplementationPolicyProvider(component, implementation);
+    }
+
+    /**
+     * @see org.apache.tuscany.sca.provider.PolicyProviderFactory#createReferencePolicyProvider(org.apache.tuscany.sca.runtime.RuntimeComponent, org.apache.tuscany.sca.runtime.RuntimeComponentReference, org.apache.tuscany.sca.assembly.Binding)
+     */
+    public PolicyProvider createReferencePolicyProvider(RuntimeComponent component,
+                                                        RuntimeComponentReference reference,
+                                                        Binding binding) {
+        return new BasicAuthenticationReferencePolicyProvider(component, reference, binding);
+    }
+
+    /**
+     * @see org.apache.tuscany.sca.provider.PolicyProviderFactory#createServicePolicyProvider(org.apache.tuscany.sca.runtime.RuntimeComponent, org.apache.tuscany.sca.runtime.RuntimeComponentService, org.apache.tuscany.sca.assembly.Binding)
+     */
+    public PolicyProvider createServicePolicyProvider(RuntimeComponent component,
+                                                      RuntimeComponentService service,
+                                                      Binding binding) {
+        return new BasicAuthenticationServicePolicyProvider(component, service, binding);
+    }
+
+    /**
+     * @see org.apache.tuscany.sca.provider.ProviderFactory#getModelType()
+     */
+    public Class getModelType() {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+}
diff --git a/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationReferencePolicyInterceptor.java b/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationReferencePolicyInterceptor.java
new file mode 100644
index 0000000000..83b1d20e9e
--- /dev/null
+++ b/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationReferencePolicyInterceptor.java
@@ -0,0 +1,87 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+package org.apache.tuscany.sca.policy.authentication.basic;
+
+import java.util.logging.ConsoleHandler;
+import java.util.logging.Handler;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+import javax.xml.namespace.QName;
+
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.interfacedef.Operation;
+import org.apache.tuscany.sca.invocation.Interceptor;
+import org.apache.tuscany.sca.invocation.Invoker;
+import org.apache.tuscany.sca.invocation.Message;
+import org.apache.tuscany.sca.policy.Policy;
+import org.apache.tuscany.sca.policy.PolicySet;
+
+/**
+ * Policy handler to handle PolicySet related to Logging with the QName
+ * {http://tuscany.apache.org/xmlns/sca/1.0/impl/java}LoggingPolicy
+ *
+ * @version $Rev$ $Date$
+ */
+public class BasicAuthenticationReferencePolicyInterceptor implements Interceptor {
+    public static final QName policySetQName = new QName(Constants.SCA10_TUSCANY_NS, "wsBasicAuthentication");
+
+    private Invoker next;
+    private Operation operation;
+    private PolicySet policySet = null;
+    private String context;
+    private BasicAuthenticationPolicy policy;
+
+    public BasicAuthenticationReferencePolicyInterceptor(String context, Operation operation, PolicySet policySet) {
+        super();
+        this.operation = operation;
+        this.policySet = policySet;
+        this.context = context;
+        init();
+    }
+
+    private void init() {
+        if (policySet != null) {
+            for (Object policyObject : policySet.getPolicies()){
+                if (policyObject instanceof BasicAuthenticationPolicy){
+                    policy = (BasicAuthenticationPolicy)policyObject;
+                    break;
+                }
+            }
+        }
+    }
+
+    public Message invoke(Message msg) {
+        // could call out here to some 3rd part system to get credentials
+        msg.getQoSContext().put(BasicAuthenticationPolicy.BASIC_AUTHENTICATION_USERNAME,
+                                policy.getUserName());
+        msg.getQoSContext().put(BasicAuthenticationPolicy.BASIC_AUTHENTICATION_PASSWORD,
+                                policy.getPassword());
+        
+        return getNext().invoke(msg);
+    }
+
+    public Invoker getNext() {
+        return next;
+    }
+
+    public void setNext(Invoker next) {
+        this.next = next;
+    }
+}
diff --git a/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationReferencePolicyProvider.java b/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationReferencePolicyProvider.java
new file mode 100644
index 0000000000..f6453e2b65
--- /dev/null
+++ b/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationReferencePolicyProvider.java
@@ -0,0 +1,90 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+
+package org.apache.tuscany.sca.policy.authentication.basic;
+
+import java.util.List;
+
+import org.apache.tuscany.sca.assembly.Binding;
+import org.apache.tuscany.sca.interfacedef.Operation;
+import org.apache.tuscany.sca.invocation.Interceptor;
+import org.apache.tuscany.sca.invocation.Phase;
+import org.apache.tuscany.sca.policy.PolicySet;
+import org.apache.tuscany.sca.policy.PolicySetAttachPoint;
+import org.apache.tuscany.sca.policy.util.PolicyHandler;
+import org.apache.tuscany.sca.provider.PolicyProvider;
+import org.apache.tuscany.sca.runtime.RuntimeComponent;
+import org.apache.tuscany.sca.runtime.RuntimeComponentReference;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class BasicAuthenticationReferencePolicyProvider implements PolicyProvider {
+    private RuntimeComponent component;
+    private RuntimeComponentReference reference;
+    private Binding binding;
+
+    public BasicAuthenticationReferencePolicyProvider(RuntimeComponent component,
+                                             RuntimeComponentReference reference,
+                                             Binding binding) {
+        super();
+        this.component = component;
+        this.reference = reference;
+        this.binding = binding;
+    }
+
+    private PolicySet findPolicySet() {
+        if (binding instanceof PolicySetAttachPoint) {
+            List<PolicySet> policySets = ((PolicySetAttachPoint)binding).getApplicablePolicySets();
+            for (PolicySet ps : policySets) {
+                for (Object p : ps.getPolicies()) {
+                    if (BasicAuthenticationPolicy.class.isInstance(p)) {
+                        return ps;
+                    }
+                }
+            }
+        }
+        return null;
+    }
+
+    private String getContext() {
+        return "component.reference: " + component.getURI()
+            + "#"
+            + reference.getName()
+            + "("
+            + binding.getClass().getName()
+            + ")";
+    }
+    
+    /**
+     * @see org.apache.tuscany.sca.provider.PolicyProvider#createInterceptor(org.apache.tuscany.sca.interfacedef.Operation)
+     */
+    public Interceptor createInterceptor(Operation operation) {
+        PolicySet ps = findPolicySet();
+        return ps == null ? null : new BasicAuthenticationReferencePolicyInterceptor(getContext(), operation, ps);
+    }
+
+    /**
+     * @see org.apache.tuscany.sca.provider.PolicyProvider#getPhase()
+     */
+    public String getPhase() {
+        return Phase.REFERENCE_POLICY;
+    }
+
+}
diff --git a/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationServicePolicyInterceptor.java b/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationServicePolicyInterceptor.java
new file mode 100644
index 0000000000..1b8ceb1515
--- /dev/null
+++ b/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationServicePolicyInterceptor.java
@@ -0,0 +1,89 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+package org.apache.tuscany.sca.policy.authentication.basic;
+
+
+import javax.xml.namespace.QName;
+
+import org.apache.tuscany.sca.assembly.xml.Constants;
+import org.apache.tuscany.sca.interfacedef.Operation;
+import org.apache.tuscany.sca.invocation.Interceptor;
+import org.apache.tuscany.sca.invocation.Invoker;
+import org.apache.tuscany.sca.invocation.Message;
+import org.apache.tuscany.sca.policy.PolicySet;
+
+/**
+ * Policy handler to handle PolicySet related to Logging with the QName
+ * {http://tuscany.apache.org/xmlns/sca/1.0/impl/java}LoggingPolicy
+ *
+ * @version $Rev$ $Date$
+ */
+public class BasicAuthenticationServicePolicyInterceptor implements Interceptor {
+    public static final QName policySetQName = new QName(Constants.SCA10_TUSCANY_NS, "wsBasicAuthentication");
+
+    private Invoker next;
+    private Operation operation;
+    private PolicySet policySet = null;
+    private String context;
+    private BasicAuthenticationPolicy policy;
+
+    public BasicAuthenticationServicePolicyInterceptor(String context, Operation operation, PolicySet policySet) {
+        super();
+        this.operation = operation;
+        this.policySet = policySet;
+        this.context = context;
+        init();
+    }
+
+    private void init() {
+        if (policySet != null) {
+            for (Object policyObject : policySet.getPolicies()){
+                if (policyObject instanceof BasicAuthenticationPolicy){
+                    policy = (BasicAuthenticationPolicy)policyObject;
+                    break;
+                }
+            }
+        }
+    }
+
+    public Message invoke(Message msg) {
+        
+        String username = (String)msg.getQoSContext().get(BasicAuthenticationPolicy.BASIC_AUTHENTICATION_USERNAME);
+        String password = (String)msg.getQoSContext().get(BasicAuthenticationPolicy.BASIC_AUTHENTICATION_PASSWORD);
+        
+        if (username != null) {
+            
+            System.out.println("Username: " + username + " Password: " + password);
+            // could call out here to some 3rd part system to do whatever you 
+            // need to turn credentials into a principal            
+            
+            msg.getQoSContext().put(Message.QOS_CTX_SECURITY_PRINCIPAL, username);             
+        }
+    
+        return getNext().invoke(msg);
+    }
+
+    public Invoker getNext() {
+        return next;
+    }
+
+    public void setNext(Invoker next) {
+        this.next = next;
+    }
+}
diff --git a/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationServicePolicyProvider.java b/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationServicePolicyProvider.java
new file mode 100644
index 0000000000..9bbb0e2d33
--- /dev/null
+++ b/java/sca/modules/policy-security/src/main/java/org/apache/tuscany/sca/policy/authentication/basic/BasicAuthenticationServicePolicyProvider.java
@@ -0,0 +1,88 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.    
+ */
+
+package org.apache.tuscany.sca.policy.authentication.basic;
+
+import java.util.List;
+
+import org.apache.tuscany.sca.assembly.Binding;
+import org.apache.tuscany.sca.interfacedef.Operation;
+import org.apache.tuscany.sca.invocation.Interceptor;
+import org.apache.tuscany.sca.invocation.Phase;
+import org.apache.tuscany.sca.policy.PolicySet;
+import org.apache.tuscany.sca.policy.PolicySetAttachPoint;
+import org.apache.tuscany.sca.policy.util.PolicyHandler;
+import org.apache.tuscany.sca.provider.PolicyProvider;
+import org.apache.tuscany.sca.runtime.RuntimeComponent;
+import org.apache.tuscany.sca.runtime.RuntimeComponentService;
+
+/**
+ * @version $Rev$ $Date$
+ */
+public class BasicAuthenticationServicePolicyProvider implements PolicyProvider {
+    private RuntimeComponent component;
+    private RuntimeComponentService service;
+    private Binding binding;
+
+    public BasicAuthenticationServicePolicyProvider(RuntimeComponent component, RuntimeComponentService service, Binding binding) {
+        super();
+        this.component = component;
+        this.service = service;
+        this.binding = binding;
+    }
+
+    private PolicySet findPolicySet() {
+        if (binding instanceof PolicySetAttachPoint) {
+            List<PolicySet> policySets = ((PolicySetAttachPoint)binding).getApplicablePolicySets();
+            for (PolicySet ps : policySets) {
+                for (Object p : ps.getPolicies()) {
+                    if (BasicAuthenticationPolicy.class.isInstance(p)) {
+                        return ps;
+                    }
+                }
+            }
+        }
+        return null;
+    }
+
+    private String getContext() {
+        return "component.service: " + component.getURI()
+            + "#"
+            + service.getName()
+            + "("
+            + binding.getClass().getName()
+            + ")";
+    }
+
+    /**
+     * @see org.apache.tuscany.sca.provider.PolicyProvider#createInterceptor(org.apache.tuscany.sca.interfacedef.Operation)
+     */
+    public Interceptor createInterceptor(Operation operation) {
+        PolicySet ps = findPolicySet();
+        return ps == null ? null : new BasicAuthenticationServicePolicyInterceptor(getContext(), operation, ps);
+    }
+
+    /**
+     * @see org.apache.tuscany.sca.provider.PolicyProvider#getPhase()
+     */
+    public String getPhase() {
+        return Phase.SERVICE_POLICY;
+    }
+
+}
diff --git a/java/sca/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor b/java/sca/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor
index 79df6c7c62..3a514e6088 100644
--- a/java/sca/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor
+++ b/java/sca/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.contribution.processor.StAXArtifactProcessor
@@ -22,4 +22,5 @@ org.apache.tuscany.sca.policy.authorization.AuthorizationPolicyProcessor;qname=h
 org.apache.tuscany.sca.policy.authorization.AuthorizationPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#denyAll,model=org.apache.tuscany.sca.policy.authorization.AuthorizationPolicy
 org.apache.tuscany.sca.policy.identity.SecurityIdentityPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#securityIdentity,model=org.apache.tuscany.sca.policy.identity.SecurityIdentityPolicy
 org.apache.tuscany.sca.policy.identity.SecurityIdentityPolicyProcessor;qname=http://www.osoa.org/xmlns/sca/1.0#runAs,model=org.apache.tuscany.sca.policy.identity.SecurityIdentityPolicy
-org.apache.tuscany.sca.policy.security.jaas.JaasAuthenticationPolicyProcessor;qname=http://tuscany.apache.org/xmlns/sca/1.0#jaasAuthentication,model=org.apache.tuscany.sca.policy.security.jaas.JaasAuthenticationPolicy
\ No newline at end of file
+org.apache.tuscany.sca.policy.security.jaas.JaasAuthenticationPolicyProcessor;qname=http://tuscany.apache.org/xmlns/sca/1.0#jaasAuthentication,model=org.apache.tuscany.sca.policy.security.jaas.JaasAuthenticationPolicy
+org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPolicyProcessor;qname=http://tuscany.apache.org/xmlns/sca/1.0#basicAuthentication,model=org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPolicy
diff --git a/java/sca/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.provider.PolicyProviderFactory b/java/sca/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.provider.PolicyProviderFactory
index 0fa98020f9..95263b8836 100644
--- a/java/sca/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.provider.PolicyProviderFactory
+++ b/java/sca/modules/policy-security/src/main/resources/META-INF/services/org.apache.tuscany.sca.provider.PolicyProviderFactory
@@ -17,3 +17,4 @@
 

 # Implementation class for the policy extension

 org.apache.tuscany.sca.policy.security.jaas.JaasAuthenticationPolicyProviderFactory;model=org.apache.tuscany.sca.policy.security.jaas.JaasAuthenticationPolicy

+org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPolicyProviderFactory;model=org.apache.tuscany.sca.policy.authentication.basic.BasicAuthenticationPolicy

diff --git a/java/sca/modules/policy/src/main/java/org/apache/tuscany/sca/policy/util/PolicyHandlerUtils.java b/java/sca/modules/policy/src/main/java/org/apache/tuscany/sca/policy/util/PolicyHandlerUtils.java
index f2977d63bf..6d6420017f 100644
--- a/java/sca/modules/policy/src/main/java/org/apache/tuscany/sca/policy/util/PolicyHandlerUtils.java
+++ b/java/sca/modules/policy/src/main/java/org/apache/tuscany/sca/policy/util/PolicyHandlerUtils.java
@@ -59,7 +59,6 @@ public class PolicyHandlerUtils {
         }
 
         return handler;
-    } 
-   
+    }  
 
 }
diff --git a/java/sca/modules/pom.xml b/java/sca/modules/pom.xml
index ba65aac46c..71e003f8ec 100644
--- a/java/sca/modules/pom.xml
+++ b/java/sca/modules/pom.xml
@@ -75,6 +75,7 @@
                 <module>binding-sca-xml</module>
                 <module>binding-ws</module>
                 <module>binding-ws-axis2</module>
+                <module>binding-ws-axis2-policy</module>
                 <module>binding-ws-wsdlgen</module>
                 <module>binding-ws-xml</module>
                 <module>contribution</module>