[SWS-862] Make future time to live value configurable Created: 21/Jan/14  Updated: 20/Mar/14  Resolved: 03/Feb/14

Status: Resolved
Project: Spring Web Services
Component/s: Security
Affects Version/s: None
Fix Version/s: 2.2.RC1

Type: Improvement Priority: Minor
Reporter: jaminh Assignee: Arjen Poutsma
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified


Add a way to configure the future time to live value in the WSSConfig so that you can increase the tolerance when checking that the "Created" time in the timestamp is valid.

Comment by jaminh [ 21/Jan/14 ]

Forgot to mention this is in the Wss4jSecurityInterceptor.

Comment by Arjen Poutsma [ 31/Jan/14 ]

Isn't this what you're looking for?


Comment by jaminh [ 31/Jan/14 ]

That controls the tolerance for the Expired time but there is also a setting for controlling the tolerance for the Created time. See futureTimeToLive in http://ws.apache.org/wss4j/xref/org/apache/ws/security/validate/TimestampValidator.html

Comment by Arjen Poutsma [ 31/Jan/14 ]

Ah, I misunderstood. Reopening.

Comment by Arjen Poutsma [ 03/Feb/14 ]

Fixed. Added a timeToLive property to the Wss4jSecurityInterceptor.

Generated at Sat Nov 17 00:16:14 UTC 2018 using JIRA 7.9.2#79002-sha1:3bb15b68ecd99a30eb364c4c1a393359bcad6278.