[jira] [Comment Edited] (CXF-5474) The message has expired

Wed, 30 Apr 2014 06:32:10 -0700 

    [ 
https://issues.apache.org/jira/browse/CXF-5474?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13985461#comment-13985461
 ] 

Allan Cheong Tyng Huei edited comment on CXF-5474 at 4/30/14 1:30 PM:
----------------------------------------------------------------------

Noted. In 2.0-beta, the section of the codes that parse createdDate has now 
changed:

http://grepcode.com/file/repo1.maven.org/maven2/org.apache.wss4j/wss4j-ws-security-dom/2.0-beta/org/apache/wss4j/dom/message/token/UsernameToken.java#226

I'm not sure if this will still be in UTC time.

Edit: I was looking a different library. Please ignore this comment


was (Author: allancth):
Noted. In 2.0-beta, the section of the codes that parse createdDate has now 
changed:

http://grepcode.com/file/repo1.maven.org/maven2/org.apache.wss4j/wss4j-ws-security-dom/2.0-beta/org/apache/wss4j/dom/message/token/UsernameToken.java#226

I'm not sure if this will still be in UTC time.

> The message has expired
> -----------------------
>
>                 Key: CXF-5474
>                 URL: https://issues.apache.org/jira/browse/CXF-5474
>             Project: CXF
>          Issue Type: Bug
>          Components: JAX-WS Runtime, WS-* Components
>    Affects Versions: 2.7.9
>         Environment: Environment :
> Apache CXF 2.7.8
> Jboss EAP 6
> SoapUI for testing client Side
>            Reporter: Mahesh Narke
>              Labels: cxf, soap, soapui
>             Fix For: NeedMoreInfo
>
>   Original Estimate: 10h
>  Remaining Estimate: 10h
>
> I tried to implement for simple authentication i.e with password simple text 
> type, it is working but when i tried to implement for password digest type 
> ,then giving me exception:
> unwinding now: org.apache.cxf.binding.soap.SoapFault: The message has expired 
> org.apache.ws.security.WSSecurityException: The message has expired
> I am giving new nonce value for each request and time within five min diff
> WSS4JInInterceptor Bean class defination:
> <?xml version="1.0" encoding="UTF-8"?>
> <beans xmlns="http://www.springframework.org/schema/beans";
>     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>     xmlns:jaxws="http://cxf.apache.org/jaxws";
>     xsi:schemaLocation="
> http://www.springframework.org/schema/beans 
> http://www.springframework.org/schema/beans/spring-beans.xsd
> http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd";>
>     <import resource="classpath:META-INF/cxf/cxf.xml" /> 
>     <import resource="classpath:META-INF/cxf/cxf-extension-soap.xml" />
>     <import resource="classpath:META-INF/cxf/cxf-servlet.xml" /> 
>     <jaxws:endpoint id="orderProcess" 
> implementor="demo.order.OrderProcessImpl" address="/OrderProcess" >
>       <jaxws:inInterceptors>
>          <bean
>             class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
>             <constructor-arg>
>                 <map>
>                   <entry key="action" value="UsernameToken"/>
>                   <entry key="passwordType" value="PasswordDigest"/>
>                   <entry key="passwordCallbackRef" 
> value-ref="myPasswordCallback"/>
>                </map> 
>             </constructor-arg>
>          </bean>
>       </jaxws:inInterceptors>
>       </jaxws:endpoint>
>       <bean id="myPasswordCallback" class="service.ServerPasswordCallback" /> 
>  
> </beans>
> Client xml request Code:
>   <soapenv:Envelope 
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; 
> xmlns:ord="http://order.demo/"; 
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
>  
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
>  <soapenv:Header>
> <wsse:Security>
>            <wsse:UsernameToken>
>                                 <wsse:Username>joe</wsse:Username>
>                                 <wsse:Password 
> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest";>PE7F51/oyWFVMsiZURuUwjoZVPY=</wsse:Password>
>                          
> <!--<wsu:Created>2013-12-17T13:12:00.429Z</wsu:Created>-->
>                            <wsse:Nonce 
> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";>efPSkfHXTM6NFDDD1CJHsw==</wsse:Nonce>
>                               <wsu:Created>2013-12-23T12:17:15Z</wsu:Created>
>                </wsse:UsernameToken>
> </wsse:Security>
> </soapenv:Header>
>    <soapenv:Body>
>       <ord:processOrder>
>          <!--Optional:-->
>          <arg0>
>             <!--Optional:-->
>             <customerID>234</customerID>
>             <!--Optional:-->
>             <itemID>0908923</itemID>
>             <price>23423</price>
>             <qty>1000</qty>
>          </arg0>
>       </ord:processOrder>
>    </soapenv:Body>
> </soapenv:Envelope>
> When i tried to call the service i am getting exception as
> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";>
>    <soap:Body>
>       <soap:Fault>
>          <faultcode 
> xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>ns1:MessageExpired</faultcode>
>          <faultstring>The message has expired</faultstring>
>       </soap:Fault>
>    </soap:Body>
> </soap:Envelope>
> Can any one tell me where i am making mistake?



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to