Hi,
I'm currently trying out some scenarios with Rampart and run into an issue
with the Rampart module. When just specifying the timeout security action,
this timeout isn't checked by the incoming security handler. Is this correct
behaviour?
On the serverside I specified the following:
<parameter name="InflowSecurity">
<action>
<items>Timestamp</items>
</action>
</parameter>
And on the client side I've configured it like this:
<parameter name="OutflowSecurity">
<action>
<items>Timestamp</items>
<timeToLive>1</timeToLive>
</action>
</parameter>
When I delay the sending of the message (e.g. by debugging) the message is
still accepted at the server even though the ttl has passed. When I debug
somewhat deeper into the WSS4J code, I don't see a check there.
I hope this is the correct forum to ask this question, if not I'll try at
the WSS4J forum.
--
View this message in context:
http://www.nabble.com/-Axis2--Rampart-WSS4J-timestamp-check-tf2222118.html#a6156270
Sent from the Axis - User forum at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
