axis-c-dev mailing list archives

From "Malinda Kaushalye Kapuruge (JIRA)" <j...@apache.org>
Subject [jira] Commented: (AXIS2C-263) Replay detection needed
Date Mon, 11 Sep 2006 12:26:24 GMT
    [ http://issues.apache.org/jira/browse/AXIS2C-263?page=comments#action_12433835 ] 
            
Malinda Kaushalye Kapuruge commented on AXIS2C-263:
---------------------------------------------------

To prevent replay attacks, we might need to cache the Username with the created time for a
given period.
In this way we can throw an error if the same user sends two (or more) messages at the same
time. But this is not that effective, as one can send messages with different timestamps.

A better approach would be to use digitally signed timestamps. But right now Rampart does not
support digital signatures. Do you have any other ideas to prevent replay attacks without
using digitally signed timestamps?


> Replay detection needed
> -----------------------
>
>                 Key: AXIS2C-263
>                 URL: http://issues.apache.org/jira/browse/AXIS2C-263
>             Project: Axis2-C
>          Issue Type: Bug
>          Components: rampart
>    Affects Versions: Current (Nightly)
>            Reporter: James Clark
>         Assigned To: Malinda Kaushalye Kapuruge
>            Priority: Critical
>
> You need to implement replay detection.  See section 13.2.1 of WS-Security 2004.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-dev-help@ws.apache.org
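
The caching approach described in the comment above, as an added example that is not Rampart/C code and not part of the original message: a fixed-size cache of (Username, Created) pairs with a freshness window. The names replay_check, WINDOW_SECS and CACHE_SLOTS and the sample values are assumptions; the last call in main shows the limitation the comment raises, that an unsigned Created value can simply be changed.

```c
#include <stdio.h>
#include <string.h>
#include <time.h>

#define WINDOW_SECS 300  /* assumed freshness window ("a given period") */
#define CACHE_SLOTS 64   /* assumed fixed capacity */

typedef enum { RD_OK, RD_STALE, RD_REPLAY, RD_FULL, RD_BAD } rd_result;
typedef struct { char user[64]; time_t created; int used; } rd_entry;
static rd_entry cache[CACHE_SLOTS];

/* Check one (Username, Created) pair at time `now`; record it if accepted. */
rd_result replay_check(const char *user, time_t created, time_t now)
{
    int free_slot = -1;
    if (!user || strlen(user) >= sizeof cache[0].user)
        return RD_BAD;
    /* Reject anything outside the window, so an evicted entry can never
       be accepted again after it leaves the cache. */
    if (created < now - WINDOW_SECS || created > now + WINDOW_SECS)
        return RD_STALE;
    for (int i = 0; i < CACHE_SLOTS; i++) {
        if (cache[i].used && cache[i].created < now - WINDOW_SECS)
            cache[i].used = 0;                 /* expired: free the slot */
        if (!cache[i].used) {
            if (free_slot < 0) free_slot = i;
            continue;
        }
        if (cache[i].created == created && strcmp(cache[i].user, user) == 0)
            return RD_REPLAY;                  /* same pair seen in window */
    }
    if (free_slot < 0)
        return RD_FULL;                        /* fail closed when full */
    strcpy(cache[free_slot].user, user);
    cache[free_slot].created = created;
    cache[free_slot].used = 1;
    return RD_OK;
}

int main(void)
{
    /* Constructed sample: the same token presented twice, then re-stamped. */
    printf("%d\n", replay_check("alice", 1000, 1000)); /* accepted */
    printf("%d\n", replay_check("alice", 1000, 1010)); /* replay */
    printf("%d\n", replay_check("alice", 1001, 1010)); /* new Created: accepted */
    return 0;
}
```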

