cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrei Shakirin <ashaki...@talend.com>
Subject RE: CXF WSS4J and timestampStrict
Date Mon, 03 Dec 2012 10:01:14 GMT
Hi Marcin,

Seems that error is caused by incorrect security headers order.
Can you put wire message here?

Cheers,
Andrei.

> -----Original Message-----
> From: marcin.kasinski [mailto:marcin.kasinski@gmail.com]
> Sent: Samstag, 1. Dezember 2012 14:18
> To: dev@cxf.apache.org
> Subject: CXF WSS4J and timestampStrict
> 
> I have simple cxf service configured with action "Timestamp Signature
> Encrypt".
> 
> In spring configuration I added <entry key="timestampStrict"
> value="false"/>, because in requests sometimes there is no Timestamp
> header.
> 
> 
> From documentation I can read : timestampStrict: Set whether to enable
> strict Timestamp handling. Default is "true".
> 
> Problem is that if there is no timestamp header in request I get error:
> 
> 
> Caused by: org.apache.ws.security.WSSecurityException: An error was
> discovered processing the <wsse:Security> header
> 	at
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JInI
> nterceptor.java:380)
> 	at
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4
> JInInterceptor.java:301)
> 	... 28 more
> 
> gru 01
> 
> 
> Having timestamp header in request everything works fine.
> 
> Can you explain it please?
> 
> 
> 
> 
> 
> -----
> 
> Regards
> Marcin Kasinski
> http://itzone.com.pl
> --
> View this message in context: http://cxf.547215.n5.nabble.com/CXF-WSS4J-
> and-timestampStrict-tp5719532.html
> Sent from the cxf-dev mailing list archive at Nabble.com.

Mime
View raw message