[jboss-user] [JBossWS] - Re: WS-Security - Invalid timestamp, message claimed to be c

rmartony do-not-reply at jboss.com
Mon Mar 26 08:41:03 EDT 2007 

A workaround using a system property (jboss.ws.timestampTolerance) to set tolerance:


  | // Source File Name:   TimestampVerificationOperation.java
  | 
  | package org.jboss.ws.wsse;
  | 
  | import java.io.PrintStream;
  | import java.util.Calendar;
  | import org.jboss.ws.wsse.element.Timestamp;
  | import org.w3c.dom.Document;
  | 
  | // Referenced classes of package org.jboss.ws.wsse:
  | //            WSSecurityException, FailedCheckException
  | 
  | public class TimestampVerificationOperation
  | {
  | 
  |     public TimestampVerificationOperation()
  |     {
  |         now = null;
  |     }
  | 
  |     public TimestampVerificationOperation(Calendar now)
  |     {
  |         this.now = null;
  |         this.now = now;
  |     }
  | 
  |     public void process(Document message, Timestamp timestamp)
  |         throws WSSecurityException
  |     {
  |         Calendar expired = timestamp.getExpires();
  |         Calendar created = timestamp.getCreated();
  |         Calendar now = this.now != null ? this.now : Calendar.getInstance();
  |         if(Math.abs(created.getTimeInMillis() - now.getTimeInMillis()) > TIMESTAMP_TOLERANCE)
  |             throw new WSSecurityException("Invalid timestamp, message claimed to be created after now");
  |         if(expired != null && Math.abs(now.getTimeInMillis() - expired.getTimeInMillis()) > TIMESTAMP_TOLERANCE)
  |             throw new FailedCheckException("Expired message.");
  |         else
  |             return;
  |     }
  | 
  |     private Calendar now;
  |     private static long TIMESTAMP_TOLERANCE;
  |     private static String TIMESTAMP_TOLERANCE_PROPERTY;
  | 
  |     static 
  |     {
  |         TIMESTAMP_TOLERANCE = 60000L;
  |         TIMESTAMP_TOLERANCE_PROPERTY = "jboss.ws.timestampTolerance";
  |         String value = null;
  |         System.out.println((new StringBuilder()).append("Setting the property value ").append(TIMESTAMP_TOLERANCE_PROPERTY).toString());
  |         try
  |         {
  |             value = System.getProperty(TIMESTAMP_TOLERANCE_PROPERTY);
  |             if(value != null)
  |                 TIMESTAMP_TOLERANCE = Long.parseLong(value);
  |             else
  |                 System.out.println("The value of the property has not been set as a system property");
  |         }
  |         catch(Throwable e)
  |         {
  |             System.out.println((new StringBuilder()).append("Error ocurred during setting of property value ").append(TIMESTAMP_TOLERANCE_PROPERTY).append(" con el valor: ").append(value).toString());
  |         }
  |         System.out.println((new StringBuilder()).append("The new timestamp tolerance is ").append(TIMESTAMP_TOLERANCE_PROPERTY).append(" = ").append(TIMESTAMP_TOLERANCE).toString());
  |     }
  | }
  | 

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4031566#4031566

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4031566

More information about the jboss-user mailing list