[AXIS2C-266] expires element in timestamp is optional - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: rampart
Labels:
None

Description

rampart_timestamp_token_validate requires an expires element, but the specs (including BasicSecurityProfile) make expires optional. If expires is not present, it means simply that the sender is not requesting any expiry of the message's security semantics.

You would still want to do freshness checking of the message, but that needs to be controlled by the receiver's policy, not by the sender.

Attachments

Activity

People

Assignee:: Malinda Kaushalye Kapuruge

Reporter:: James Clark

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 09/Sep/06 08:24

Updated:: 07/Apr/20 17:44

Resolved:: 11/Sep/06 09:57