Hi, I'm currently trying out some scenarios with Rampart and run into an issue with the Rampart module. When just specifying the timeout security action, this timeout isn't checked by the incoming security handler. Is this correct behaviour?
On the serverside I specified the following: <parameter name="InflowSecurity"> <action> <items>Timestamp</items> </action> </parameter> And on the client side I've configured it like this: <parameter name="OutflowSecurity"> <action> <items>Timestamp</items> <timeToLive>1</timeToLive> </action> </parameter> When I delay the sending of the message (e.g. by debugging) the message is still accepted at the server even though the ttl has passed. When I debug somewhat deeper into the WSS4J code, I don't see a check there. I hope this is the correct forum to ask this question, if not I'll try at the WSS4J forum. -- View this message in context: http://www.nabble.com/-Axis2--Rampart-WSS4J-timestamp-check-tf2222118.html#a6156270 Sent from the Axis - User forum at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]