Well, the format and content of the WSSE timestamp shall (must?) not incluence the content or format of ofther timestamp contained in a SOAP request. The timestamps have different semantic and are relevant only for their environment.
The timestamps for WSS are defined in the OASIS WSS specifications and they say that the timestamps have to be in the UTC timezone. As for the format: you may switch off the millisecond part using a WSS4J handler parameter in the deployment descriptor (pls have a look in the docs - I can't remember the parameter's name just now). If you change the timezone of WSS timestamps you may risk interoperability. Regards, Werner > -----Ursprüngliche Nachricht----- > Von: Shyam Shukla [mailto:[EMAIL PROTECTED] > Gesendet: Freitag, 4. August 2006 06:51 > An: axis-dev@ws.apache.org; [EMAIL PROTECTED] > Betreff: RE: Customization of SOAP Envelop using Axis2 1.0 > > Eran, > > I am agree with you and want to let this job to do by > security handlers. > Actually, Why I am planning to modify the timestamps of > security tag is > because when I send customized SOAP request over http as I > have discussed in > this email, I get the following error message: > > << Start of Error Messafge >> > > org.apache.axis2.AxisFault: Axis2 transport error : Bad > Request; nested > exceptio > n is: > org.apache.axis2.AxisFault: Axis2 transport error : > Bad Request; > nested > exception is: > org.apache.axis2.AxisFault: Axis2 transport error : > Bad Request; > nested > exception is: > org.apache.axis2.AxisFault: Axis2 transport error : > Bad Request > at > org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(Com > monsHTTPTransportSender.java:223) > at > org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:589) > at > org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisO > peration.java:328) > at > org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAx > isOperation.java:279) > at > org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java: > 457) > at > org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java: > 399) > at > sample.security.ClientWebSecurityToken.main(ClientWebSecurityToken.ja > va:131) > Caused by: org.apache.axis2.AxisFault: Axis2 transport error > : Bad Request; > nest > ed exception is: > org.apache.axis2.AxisFault: Axis2 transport error : > Bad Request > at > org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessa > geWithCommons(CommonsHTTPTransportSender.java:305) > at > org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(Com > monsHTTPTransportSender.java:207) > ... 6 more > Caused by: org.apache.axis2.AxisFault: Axis2 transport error > : Bad Request > at > org.apache.axis2.transport.http.SOAPOverHTTPSender.send(SOAPOverHTTPS > ender.java:117) > at > org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessa > geWithCommons(CommonsHTTPTransportSender.java:299) > ... 7 more > > << End of Error Message >> > > I am also attaching log file (LogInfo.txt) which contains all > the messages > which were generated during web service interaction at remote machine. > > When you look at log file you will notice that timestamp format in > <wst:LifeTime> and <wsse:UsernameToken> tags is belongs to > IST timezone > while in <wsse:Security> tag it belongs to UTC timezone. > > So I suspect this may be the cause of error i.e. "Bad Request". > > I am also attaching exact format of SOAP request > (Required_SoapRequest_Format.txt) that I am required to send to remote > machine for web service. > > Please guide me where am I going wrong? > > Best Regards, > Shyam Shukla > > -----Original Message----- > From: Eran Chinthaka [mailto:[EMAIL PROTECTED] > Sent: Thursday, August 03, 2006 7:44 PM > To: axis-dev@ws.apache.org > Subject: Re: Customization of SOAP Envelop using Axis2 1.0 > > Shyam Shukla wrote: > > Thanks Eran it worked and now I have one more problem... :) > > In my SOAP request header under <wsse:Security> tag, there > is <Timestamp> > > tag as below: > > > > <wsu:Timestamp > > > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401 > -wss-wssecurit > > y-utility-1.0.xsd" wsu:Id="Timestamp-2086370"> > > > > <wsu:Created>2006-08-02T11:39:58.015Z</wsu:Created> > > <wsu:Expires>2006-08-02T11:44:58.015Z</wsu:Expires> > > </wsu:Timestamp> > > > > My task is to modify the format of <wsu:Created> and > <wsu:Expires> tags in > a > > different format like yyyy-mm-ddThh:mm:ssZ and also want to > change the > > timezone. > > Do you wanna do this, after security handler puts these information? I > don't think its a good idea as if you change the stuff after security > handler, message integrity checks in the server side might > fail. So the > best thing is to change the formats in the security handlers itself. > > Ruchith (Mr. security), do you have inputs for this? > > -- Chinthaka > > > DISCLAIMER > ========== > This e-mail may contain privileged and confidential > information which is the property of Persistent Systems Pvt. > Ltd. It is intended only for the use of the individual or > entity to which it is addressed. If you are not the intended > recipient, you are not authorized to read, retain, copy, > print, distribute or use this message. If you have received > this communication in error, please notify the sender and > delete all copies of this message. Persistent Systems Pvt. > Ltd. does not accept any liability for virus infected mails. > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
