You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by Narayan Dhillon <Na...@vocalink.com> on 2008/02/26 19:07:41 UTC
Timestamp element in ws-security header
Hi devs,
If we want to just have "wsu:Created" element inside "wsu:Timestamp"
then Rampart doesn't allow it.
I think by setting below in rampart-config should allow it -
<ramp:timestampTTL>0</ramp:timestampTTL>
Problem seems to be in
org.apache.rampart.util.RampartUtil.getTimeToLive(..).
Please confirm and then I will raise a JIRA and supply the patch.
Regards, Narayan
*****************************************************
This email is issued by a VocaLink group company. It is confidential and intended for the exclusive use of the addressee only. You should not disclose its contents to any other person. If you are not the addressee (or responsible for delivery of the message to the addressee), please notify the originator immediately by return message and destroy the original message. The contents of this email will have no contractual effect unless it is otherwise agreed between a specific VocaLink group company and the recipient.
The VocaLink group companies include, among others: VocaLink Limited (Company No 06119048, VAT No. 907 9619 87) which is registered in England and Wales at registered office Drake House, Homestead Road, Rickmansworth, WD3 1FX. United Kingdom, Voca Limited (Company no 1023742, VAT No. 907 9619 87) which is registered in England and Wales at registered office Drake House, Three Rivers Court, Homestead Road, Rickmansworth, Hertfordshire. WD3 1FX. United Kingdom, LINK Interchange Network Limited (Company No 3565766, VAT No. 907 9619 87) which is registered in England and Wales at registered office Arundel House, 1 Liverpool Gardens, Worthing, West Sussex, BN11 1SL and VocaLink Holdings Limited (Company No 06119036, VAT No. 907 9619 87) which is registered in England and Wales at registered office Drake House, Homestead Road, Rickmansworth, WD3 1FX. United Kingdom.
The views and opinions expressed in this email may not reflect those of any member of the VocaLink group. This message and any attachments have been scanned for viruses prior to leaving the VocaLink group network; however, VocaLink does not guarantee the security of this message and will not be responsible for any damages arising as a result of any virus being passed on or arising from any alteration of this message by a third party. The VocaLink group may monitor emails sent to and from the VocaLink group network.
This message has been checked for all email viruses by MessageLabs.
*************************************************************
Re: Timestamp element in ws-security header
Posted by Nandana Mihindukulasooriya <na...@gmail.com>.
Hi Narayan,
I went through the Chapter 10 Security Timestamps of WS
SOAP Message Security and it says
<wsu:Expires ValueType="...">...</wsu:Expires>
element is optional and Rampart should allow it. Even the extended
example shows the usage of it. But I couldn't find a way to specify
that timestamp with only a created element using the ws security
policy language. So we will have to use Rampart configuration in both
server side and client side to specify this requirement. Anyway go
ahead and create a JIRA. We will discuss in the JIRA whether it is
good to set TTL value to Zero for this or use another configuration
parameter.
thanks,
/nandana
On Tue, Feb 26, 2008 at 11:37 PM, Narayan Dhillon
<Na...@vocalink.com> wrote:
> Hi devs,
>
>
>
> If we want to just have "wsu:Created" element inside "wsu:Timestamp"
> then Rampart doesn't allow it.
>
>
>
> I think by setting below in rampart-config should allow it -
>
> <ramp:timestampTTL>0</ramp:timestampTTL>
>
>
>
> Problem seems to be in
> org.apache.rampart.util.RampartUtil.getTimeToLive(..).
>
>
>
> Please confirm and then I will raise a JIRA and supply the patch.
>
>
>
> Regards, Narayan
>
>
> *****************************************************
> This email is issued by a VocaLink group company. It is confidential and intended for the exclusive use of the addressee only. You should not disclose its contents to any other person. If you are not the addressee (or responsible for delivery of the message to the addressee), please notify the originator immediately by return message and destroy the original message. The contents of this email will have no contractual effect unless it is otherwise agreed between a specific VocaLink group company and the recipient.
>
> The VocaLink group companies include, among others: VocaLink Limited (Company No 06119048, VAT No. 907 9619 87) which is registered in England and Wales at registered office Drake House, Homestead Road, Rickmansworth, WD3 1FX. United Kingdom, Voca Limited (Company no 1023742, VAT No. 907 9619 87) which is registered in England and Wales at registered office Drake House, Three Rivers Court, Homestead Road, Rickmansworth, Hertfordshire. WD3 1FX. United Kingdom, LINK Interchange Network Limited (Company No 3565766, VAT No. 907 9619 87) which is registered in England and Wales at registered office Arundel House, 1 Liverpool Gardens, Worthing, West Sussex, BN11 1SL and VocaLink Holdings Limited (Company No 06119036, VAT No. 907 9619 87) which is registered in England and Wales at registered office Drake House, Homestead Road, Rickmansworth, WD3 1FX. United Kingdom.
>
> The views and opinions expressed in this email may not reflect those of any member of the VocaLink group. This message and any attachments have been scanned for viruses prior to leaving the VocaLink group network; however, VocaLink does not guarantee the security of this message and will not be responsible for any damages arising as a result of any virus being passed on or arising from any alteration of this message by a third party. The VocaLink group may monitor emails sent to and from the VocaLink group network.
>
> This message has been checked for all email viruses by MessageLabs.
> *************************************************************
http://nandana83.blogspot.com/
http://nandanasm.wordpress.com/