Author: coheigea
Date: Fri Dec 2 13:53:23 2011
New Revision: 1209482
URL: http://svn.apache.org/viewvc?rev=1209482&view=rev
Log:
[CXF-3948] - CXF 2.3.x does not configure the Future TTL value for Timestamp
processing
Modified:
cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
Modified:
cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
URL:
http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java?rev=1209482&r1=1209481&r2=1209482&view=diff
==============================================================================
---
cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
(original)
+++
cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
Fri Dec 2 13:53:23 2011
@@ -363,7 +363,19 @@ public class WSS4JInInterceptor extends
(WSSecurityEngineResult) timestampResults.get(i);
Timestamp timestamp =
(Timestamp)result.get(WSSecurityEngineResult.TAG_TIMESTAMP);
- if (timestamp != null && !verifyTimestamp(timestamp,
decodeTimeToLive(reqData))) {
+ String futureTTL =
+ getString(WSHandlerConstants.TTL_FUTURE_TIMESTAMP,
reqData.getMsgContext());
+ int futureTimeToLive = 60;
+ if (futureTTL != null) {
+ try {
+ futureTimeToLive = Integer.parseInt(futureTTL);
+ } catch (NumberFormatException e) {
+ futureTimeToLive = 60;
+ }
+ }
+
+ if (timestamp != null
+ && !verifyTimestamp(timestamp, decodeTimeToLive(reqData),
futureTimeToLive)) {
LOG.warning("The timestamp could not be validated");
throw new
WSSecurityException(WSSecurityException.MESSAGE_EXPIRED);
}
