CXF STS renewed token not itself renewable.

When renewing a security token (a SAML assertion in my test case) the returned token cannot be renewed again (nor can the original). This is true even if the <Renewing/> element is present in the renewal RST message.

It seems that the SAMLTokenRenewer class does not put the STSConstants.TOKEN_RENEWING_ALLOW and STSConstants.TOKEN_RENEWING_ALLOW_AFTER_EXPIRY properties on the SecurityTOken placed in the token store, which are required for renewal to later take place.