[
https://issues.apache.org/jira/browse/CXF-2746?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Nikolay Khasanov closed CXF-2746.
---------------------------------
Resolution: Invalid
Fix Version/s: Invalid
Sorry for disturbing, did not quite understand how it works. There may be
"timeToLive" jaxws:property used.
> Wrong validation of Timestamp/Created value: always default TimeToLive is
> used (300 sec.)
> -----------------------------------------------------------------------------------------
>
> Key: CXF-2746
> URL: https://issues.apache.org/jira/browse/CXF-2746
> Project: CXF
> Issue Type: Bug
> Components: WS-* Components
> Affects Versions: 2.2.7
> Reporter: Nikolay Khasanov
> Fix For: Invalid
>
>
> I can see two validations of Timestamp during executing
> WSS4JInInterceptor.handleMessage() method.
> First checks Timestamp/Expires value and looks good, but next one contains
> errors:
> When WSS4JInInterceptor.handleMessage() method calls
> verifyTimestamp(timestamp, decodeTimeToLive(reqData))) second parameter is
> always 300. I didn't found any places where ttl value is set for RequestData
> - so default value eq 300 is always retured.
> It is expected that ttl value will equal (Timestamp/Expires -
> Timestamp/Created)/1000
> At the same time if Timestamp/Expires value is absent then message will never
> expire.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
