--- old/src/com/sun/org/apache/xerces/internal/impl/PropertyManager.java	Fri Nov 15 11:27:31 2013
+++ new/src/com/sun/org/apache/xerces/internal/impl/PropertyManager.java	Fri Nov 15 11:27:30 2013
@@ -87,8 +87,18 @@
 
         HashMap properties = propertyManager.getProperties();
         supportedProps.putAll(properties);
-        fSecurityManager = (XMLSecurityManager)getProperty(SECURITY_MANAGER);
-        fSecurityPropertyMgr = (XMLSecurityPropertyManager)getProperty(XML_SECURITY_PROPERTY_MANAGER);
+        Object temp = getProperty(SECURITY_MANAGER);
+        //writers have no need for the managers
+        if (temp != null) {        
+            fSecurityManager = new XMLSecurityManager((XMLSecurityManager)temp);
+            supportedProps.put(SECURITY_MANAGER, fSecurityManager);
+        }
+        temp = getProperty(XML_SECURITY_PROPERTY_MANAGER);
+        if (temp != null) {
+            fSecurityPropertyMgr = new XMLSecurityPropertyManager(
+                    (XMLSecurityPropertyManager)temp);
+            supportedProps.put(XML_SECURITY_PROPERTY_MANAGER, fSecurityPropertyMgr);    
+        }
     }
 
     private HashMap getProperties(){
@@ -182,18 +192,18 @@
          * It's possible for users to set a security manager through the interface.
          * If it's the old SecurityManager, convert it to the new XMLSecurityManager
          */
-        if (property.equals(Constants.SECURITY_MANAGER)) {
+        if (property.equals(SECURITY_MANAGER)) {
             fSecurityManager = XMLSecurityManager.convert(value, fSecurityManager);
-            supportedProps.put(Constants.SECURITY_MANAGER, fSecurityManager);
+            supportedProps.put(SECURITY_MANAGER, fSecurityManager);
             return;
         }
-        if (property.equals(Constants.XML_SECURITY_PROPERTY_MANAGER)) {
+        if (property.equals(XML_SECURITY_PROPERTY_MANAGER)) {
             if (value == null) {
                 fSecurityPropertyMgr = new XMLSecurityPropertyManager();
             } else {
                 fSecurityPropertyMgr = (XMLSecurityPropertyManager)value;
             }
-            supportedProps.put(Constants.XML_SECURITY_PROPERTY_MANAGER, fSecurityPropertyMgr);
+            supportedProps.put(XML_SECURITY_PROPERTY_MANAGER, fSecurityPropertyMgr);
             return;
         }
 
--- old/src/com/sun/org/apache/xerces/internal/jaxp/validation/ValidatorHandlerImpl.java	Fri Nov 15 11:27:32 2013
+++ new/src/com/sun/org/apache/xerces/internal/jaxp/validation/ValidatorHandlerImpl.java	Fri Nov 15 11:27:32 2013
@@ -687,6 +687,7 @@
                            XMLSecurityManager securityManager = (XMLSecurityManager) fComponentManager.getProperty(SECURITY_MANAGER);
                            if (securityManager != null) {
                                try {
+                                   securityManager.resetLimits();
                                    reader.setProperty(SECURITY_MANAGER, securityManager);
                                }
                                // Ignore the exception if the security manager cannot be set.
--- old/src/com/sun/org/apache/xerces/internal/jaxp/validation/XMLSchemaValidatorComponentManager.java	Fri Nov 15 11:27:33 2013
+++ new/src/com/sun/org/apache/xerces/internal/jaxp/validation/XMLSchemaValidatorComponentManager.java	Fri Nov 15 11:27:33 2013
@@ -440,6 +440,9 @@
         fSchemaValidator.reset(this);
         // Mark configuration as fixed.
         fConfigUpdated = false;
+        if (fInitSecurityManager != null) {
+            fInitSecurityManager.resetLimits();
+        }
     }
 
     void setErrorHandler(ErrorHandler errorHandler) {
--- old/src/com/sun/org/apache/xerces/internal/parsers/XMLParser.java	Fri Nov 15 11:27:35 2013
+++ new/src/com/sun/org/apache/xerces/internal/parsers/XMLParser.java	Fri Nov 15 11:27:35 2013
@@ -150,6 +150,9 @@
      * reset all components before parsing
      */
     protected void reset() throws XNIException {
+        if (securityManager != null) {
+            securityManager.resetLimits();
+        }
     } // reset()
 
 } // class XMLParser
--- old/src/com/sun/org/apache/xerces/internal/utils/XMLLimitAnalyzer.java	Fri Nov 15 11:27:36 2013
+++ new/src/com/sun/org/apache/xerces/internal/utils/XMLLimitAnalyzer.java	Fri Nov 15 11:27:36 2013
@@ -110,6 +110,18 @@
     }
 
     /**
+     * Reset all limits to their default status
+     */
+    public void reset() {
+        for (int i=0; i<Limit.values().length; i++) {
+            values[i] = 0;
+            totalValue[i] = 0;
+            names[i] = null;
+            caches[i] = null;
+        }
+    }
+
+    /**
      * Add the value to the current max count for the specified property
      * To find the max value of all entities, set no limit
      *
--- old/src/com/sun/org/apache/xerces/internal/utils/XMLSecurityManager.java	Fri Nov 15 11:27:40 2013
+++ new/src/com/sun/org/apache/xerces/internal/utils/XMLSecurityManager.java	Fri Nov 15 11:27:40 2013
@@ -132,7 +132,7 @@
     /**
      * Values of the properties
      */
-    private final int[] values;
+    private int[] values;
     /**
      * States of the settings for each property
      */
@@ -169,10 +169,7 @@
      * @param secureProcessing
      */
     public XMLSecurityManager(boolean secureProcessing) {
-        limitAnalyzer = new XMLLimitAnalyzer(this);
-        values = new int[Limit.values().length];
-        states = new State[Limit.values().length];
-        isSet = new boolean[Limit.values().length];
+        init();
         this.secureProcessing = secureProcessing;
         for (Limit limit : Limit.values()) {
             if (secureProcessing) {
@@ -187,6 +184,39 @@
         readSystemProperties();
     }
 
+    /**
+     * Clone a security manager
+     * @param securityManager a base security manager
+     */
+    public XMLSecurityManager(XMLSecurityManager securityManager) {
+        init();
+        if (securityManager != null) {
+            this.secureProcessing = securityManager.isSecureProcessing();
+            for (Limit limit : Limit.values()) {
+                values[limit.ordinal()] = securityManager.getLimit(limit);
+                states[limit.ordinal()] = securityManager.getState(limit);
+            }
+        }
+    }
+
+    /**
+     * Initialize values
+     */
+    private void init() {
+        limitAnalyzer = new XMLLimitAnalyzer(this);
+        int numOfElements = Limit.values().length;
+        values = new int[numOfElements];
+        states = new State[numOfElements];
+        isSet = new boolean[numOfElements];        
+    }
+
+    /**
+     * Reset all limits to their default status
+     */
+    public void resetLimits() {
+        limitAnalyzer.reset();
+    }
+
     /**
      * Setting FEATURE_SECURE_PROCESSING explicitly
      */
--- old/src/com/sun/org/apache/xerces/internal/utils/XMLSecurityPropertyManager.java	Fri Nov 15 11:27:42 2013
+++ new/src/com/sun/org/apache/xerces/internal/utils/XMLSecurityPropertyManager.java	Fri Nov 15 11:27:41 2013
@@ -91,6 +91,19 @@
         readSystemProperties();
     }
 
+    /**
+     * Clone a XMLSecurityPropertyManager
+     * @param propertyManager the base XMLSecurityPropertyManager
+     */
+    public XMLSecurityPropertyManager(XMLSecurityPropertyManager propertyManager) {
+        values = new String[Property.values().length];
+        if (propertyManager != null) {
+            for (Property property : Property.values()) {
+                values[property.ordinal()] = propertyManager.getValue(property);
+                states[property.ordinal()] = propertyManager.getState(property);            
+            }
+        }
+    }
 
     /**
      * Set limit by property name and state
@@ -189,6 +202,15 @@
     }
 
     /**
+     * Return the state of a property
+     * @param property
+     * @return return the state of the property 
+     */
+    public State getState(Property property) {
+        return states[property.ordinal()];
+    }
+    
+    /**
      * Read from system properties, or those in jaxp.properties
      */
     private void readSystemProperties() {