Uploaded image for project: 'WSS4J'
  1. WSS4J
  2. WSS-554

Improved error message for timestamp in the future

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Trivial
    • Resolution: Fixed
    • 1.6.18
    • 2.0.6, 2.1.4
    • WSS4J Core
    • None
    • Any

    Description

      The error message "The message is expired" (WSSecurityException.MESSAGE_EXPIRED) is returned for the case of
      timeStamp.isExpired() as well as when the created timestamp is in the future
      in the org.apache.ws.security.validate.TimestampValidator.

      When a client has a clock set a few minutes in the future (or past), their timestamp fails verification in the verifyCreated method in the Timestamp, the return of message expired is misleading and can cause a user to look in the wrong place. Maybe "The message timestamp is out of range!?"

      Attachments

        Activity

          People

            coheigea Colm O hEigeartaigh
            rudster Rudi Grasmuck
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: