[SWS-862] Make future time to live value configurable Created: 21/Jan/14  Updated: 20/Mar/14  Resolved: 03/Feb/14

Status: Resolved
Project: Spring Web Services
Component/s: Security
Affects Version/s: None
Fix Version/s: 2.2.RC1

Type: Improvement Priority: Minor
Reporter: jaminh Assignee: Arjen Poutsma
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


 Description   

Add a way to configure the future time to live value in the WSSConfig so that you can increase the tolerance when checking that the "Created" time in the timestamp is valid.



 Comments   
Comment by jaminh [ 21/Jan/14 ]

Forgot to mention this is in the Wss4jSecurityInterceptor.

Comment by Arjen Poutsma [ 31/Jan/14 ]

Isn't this what you're looking for?

http://docs.spring.io/spring-ws/site/apidocs/org/springframework/ws/soap/security/wss4j/Wss4jSecurityInterceptor.html#setValidationTimeToLive(int)

Comment by jaminh [ 31/Jan/14 ]

That controls the tolerance for the Expired time but there is also a setting for controlling the tolerance for the Created time. See futureTimeToLive in http://ws.apache.org/wss4j/xref/org/apache/ws/security/validate/TimestampValidator.html

Comment by Arjen Poutsma [ 31/Jan/14 ]

Ah, I misunderstood. Reopening.

Comment by Arjen Poutsma [ 03/Feb/14 ]

Fixed. Added a timeToLive property to the Wss4jSecurityInterceptor.

Generated at Mon Dec 11 13:18:12 UTC 2017 using JIRA 6.4.14#64029-sha1:ae256fe0fbb912241490ff1cecfb323ea0905ca5.