Major Description
STSClient does not add a Renewing element to the RequestSecurityToken message when performing a renew, regardless of the value of sendRenewing (or allowRenewing or allowRenewingAfterExpiry).
This does not prevent prevent a renewal from being renewed because that is allowed by default, but it does prevent a renewal from being renewed after expiry (OK=true attribute) when that option is enabled.
The client is also unable to prevent a renewal from being renewable (using the Allow=false attribute) however I'm not sure the client would ever attempt that anyway since the same restriction would be on the originally issued token so you would never get that far.
See AbstractSTSClient#renew(SecurityToken) line 955 which I believe needs code similar to AbstractSTSClient#issue(String,String,String,String) lines 745-755.