WSS4J
  1. WSS4J
  2. WSS-187

Support Nonce Caching in Username Token Processing

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.5.7
    • Fix Version/s: 1.6.5
    • Component/s: WSS4J Core
    • Labels:
      None

      Description


      We should really implement a nonce cache in the Username Token Processor. If anyone feels like picking this up let me know, as it's not on my radar for 1.6

        Activity

        Hide
        Patrick Ryan added a comment -

        Memcached is something we've been talking about internally. Adding a Memcached java client dependency may or may not be reasonable. Having a shared cache available to multiple servers is an interesting challenge. But each processor having a nonce cache independent of other processors in the same cluster is of limited value for replay protection using nonces.

        Show
        Patrick Ryan added a comment - Memcached is something we've been talking about internally. Adding a Memcached java client dependency may or may not be reasonable. Having a shared cache available to multiple servers is an interesting challenge. But each processor having a nonce cache independent of other processors in the same cluster is of limited value for replay protection using nonces.
        Hide
        Colm O hEigeartaigh added a comment -

        Hi Patrick,

        I agree. I think it is up to the web service stack using WSS4J to provide the nonce caching capabilities. I believe Rampart supports this already - CXF does not.

        Colm.

        Show
        Colm O hEigeartaigh added a comment - Hi Patrick, I agree. I think it is up to the web service stack using WSS4J to provide the nonce caching capabilities. I believe Rampart supports this already - CXF does not. Colm.

          People

          • Assignee:
            Colm O hEigeartaigh
            Reporter:
            Colm O hEigeartaigh
          • Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development