Author: ruchithf
Date: Fri Feb 9 16:01:03 2007
New Revision: 505574
URL: http://svn.apache.org/viewvc?view=rev&rev=505574
Log:
Applied the patch from Hans to fix
https://issues.apache.org/jira/browse/RAMPART-4
Thanks Hans!
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/RampartConfigBuilder.java
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/RampartConfig.java
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java?view=diff&rev=505574&r1=505573&r2=505574
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
(original)
+++
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/PolicyBasedResultsValidator.java
Fri Feb 9 16:01:03 2007
@@ -109,9 +109,9 @@
/*
* Perform further checks on the timestamp that was transmitted in the
- * header. In the following implementation the timestamp is valid if it
- * was created after (now-ttl), where ttl is set on server side, not by
- * the client.
+ * header.
+ * In the following implementation the timestamp is valid if :
+ * Timestamp->Created < 'now' < Timestamp->Expires (Last test already
handled by WSS4J)
*
* Note: the method verifyTimestamp(Timestamp) allows custom
* implementations with other validation algorithms for subclasses.
@@ -381,18 +381,16 @@
private boolean verifyTimestamp(Timestamp timestamp, int timeToLive)
throws RampartException {
- // Calculate the time that is allowed for the message to travel
- Calendar validCreation = Calendar.getInstance();
- long currentTime = validCreation.getTime().getTime();
- currentTime -= timeToLive * 1000;
- validCreation.setTime(new Date(currentTime));
-
- // Validate the time it took the message to travel
- // if (timestamp.getCreated().before(validCreation) ||
- // !timestamp.getCreated().equals(validCreation)) {
+ // 'now' must be between ts->Created and ts->Expires
+ // here we test that now is after ts->Created
+ // test that now is before ts->Expires is handled earlier by WSS4J
+
Calendar cre = timestamp.getCreated();
- if (cre != null && !cre.after(validCreation)) {
- return false;
+ if (cre != null) {
+ Calendar now = Calendar.getInstance();
+ if( now.before( cre ) ) {
+ return false;
+ }
}
return true;
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/RampartConfigBuilder.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/RampartConfigBuilder.java?view=diff&rev=505574&r1=505573&r2=505574
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/RampartConfigBuilder.java
(original)
+++
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/builders/RampartConfigBuilder.java
Fri Feb 9 16:01:03 2007
@@ -58,6 +58,12 @@
.build(childElement.getFirstElement()));
}
+ childElement = element.getFirstChildWithName(new QName(
+ RampartConfig.NS, RampartConfig.TS_TTL_LN));
+ if (childElement != null) {
+ rampartConfig.setTimestampTTL(childElement.getText().trim());
+ }
+
return rampartConfig;
}
Modified:
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/RampartConfig.java
URL:
http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/RampartConfig.java?view=diff&rev=505574&r1=505573&r2=505574
==============================================================================
---
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/RampartConfig.java
(original)
+++
webservices/rampart/trunk/java/modules/rampart-core/src/main/java/org/apache/rampart/policy/model/RampartConfig.java
Fri Feb 9 16:01:03 2007
@@ -58,7 +58,7 @@
*/
public class RampartConfig implements Assertion {
- public static final int DEFAULT_TIMESTAMP_TTL = 300000;
+ public static final int DEFAULT_TIMESTAMP_TTL = 300;
public final static String NS = "http://ws.apache.org/rampart/policy";;
