cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1209482 - /cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
Date Fri, 02 Dec 2011 13:53:24 GMT
Author: coheigea
Date: Fri Dec  2 13:53:23 2011
New Revision: 1209482

URL: http://svn.apache.org/viewvc?rev=1209482&view=rev
Log:
[CXF-3948] - CXF 2.3.x does not configure the Future TTL value for Timestamp processing

Modified:
    cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java

Modified: cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
URL: http://svn.apache.org/viewvc/cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java?rev=1209482&r1=1209481&r2=1209482&view=diff
==============================================================================
--- cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
(original)
+++ cxf/branches/2.3.x-fixes/rt/ws/security/src/main/java/org/apache/cxf/ws/security/wss4j/WSS4JInInterceptor.java
Fri Dec  2 13:53:23 2011
@@ -363,7 +363,19 @@ public class WSS4JInInterceptor extends 
                     (WSSecurityEngineResult) timestampResults.get(i);
                 Timestamp timestamp = (Timestamp)result.get(WSSecurityEngineResult.TAG_TIMESTAMP);
 
-                if (timestamp != null && !verifyTimestamp(timestamp, decodeTimeToLive(reqData)))
{
+                String futureTTL = 
+                    getString(WSHandlerConstants.TTL_FUTURE_TIMESTAMP, reqData.getMsgContext());
+                int futureTimeToLive = 60;
+                if (futureTTL != null) {
+                    try {
+                        futureTimeToLive = Integer.parseInt(futureTTL);
+                    } catch (NumberFormatException e) {
+                        futureTimeToLive = 60;
+                    }
+                }
+                    
+                if (timestamp != null 
+                    && !verifyTimestamp(timestamp, decodeTimeToLive(reqData), futureTimeToLive))
{
                     LOG.warning("The timestamp could not be validated");
                     throw new WSSecurityException(WSSecurityException.MESSAGE_EXPIRED);
                 }



Mime
View raw message