You are viewing a plain text version of this content. The canonical link for it is here.

Posted to fx-dev@ws.apache.org by we...@apache.org on 2005/11/17 15:56:06 UTC

svn commit: r345254 - /webservices/wss4j/trunk/src/org/apache/ws/security/processor/TimestampProcessor.java

Author: werner
Date: Thu Nov 17 06:56:03 2005
New Revision: 345254

URL: http://svn.apache.org/viewcvs?rev=345254&view=rev
Log:
Enable the conditional timestamp exception.

Modified:
    webservices/wss4j/trunk/src/org/apache/ws/security/processor/TimestampProcessor.java

Modified: webservices/wss4j/trunk/src/org/apache/ws/security/processor/TimestampProcessor.java
URL: http://svn.apache.org/viewcvs/webservices/wss4j/trunk/src/org/apache/ws/security/processor/TimestampProcessor.java?rev=345254&r1=345253&r2=345254&view=diff
==============================================================================
--- webservices/wss4j/trunk/src/org/apache/ws/security/processor/TimestampProcessor.java (original)
+++ webservices/wss4j/trunk/src/org/apache/ws/security/processor/TimestampProcessor.java Thu Nov 17 06:56:03 2005
@@ -37,10 +37,13 @@
 public class TimestampProcessor implements Processor {
     private static Log log = LogFactory.getLog(TimestampProcessor.class.getName());
 
+    private WSSConfig wssConfig = null;
+    
     public void handleToken(Element elem, Crypto crypto, Crypto decCrypto, CallbackHandler cb, WSDocInfo wsDocInfo, Vector returnResults, WSSConfig wsc) throws WSSecurityException {
         if (log.isDebugEnabled()) {
             log.debug("Found Timestamp list element");
         }
+        wssConfig = wsc;
         /*
          * Decode Timestamp, add the found time (created/expiry) to result
          */
@@ -72,13 +75,12 @@
 		// Validate whether the security semantics have expired
 		Calendar rightNow = Calendar.getInstance();
 		Calendar exp = timestamp.getExpires();
-		if (exp != null && exp.before(rightNow)) {
+		if (exp != null && wssConfig.isTimeStampStrict() && exp.before(rightNow)) {
 			throw new WSSecurityException(
 					WSSecurityException.INVALID_SECURITY,
 					"invalidTimestamp",
 					new Object[] { "The security semantics of message have expired" });
 		}
-
 		return;
 	}
 }



---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org