Hi Guys, I am using Axis2 1.2 + Rampart 1.2 in a client that is connecting to a .NET based web service running on a remote server. I have found that when the client PC time is even slightly behind the server time then the Axis2/Rampart client will throw the following exception on receipt of a vaild response from the server: Caused by: org.apache.axis2.AxisFault: The timestamp could not be validated At org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:81) at org.apache.axis2.engine.Phase.invoke(Phase.java:383) at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:203) at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:131) at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperatio n.java:378) at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOpera tion.java:294) at com.mydials.DataSubmissionApiStub.About(DataSubmissionApiStub.java:183) at com.mydials.wshelper.MyDialsWSHelper.getAbout(MyDialsWSHelper.java:140)
.NET based clients (running on the same client PC) do not suffer from this problem. Is there a Rampart policy setting or configuration context property that I can use to work around this? I have found that even if I synchronise the client and server pc's to the same internet time source (e.g. time.windows.com) then the difference in pc times can still be large enough such that the Axis2/Rampart client continues to raise this exception. If I manually set the client PC's time to 30's after the servers time then the problem does not occur. I have included below a log of the message sent from the Axis2/Rampart client and the message returned by the .NET server (recorded using logging on the .NET server). As you can see, the .NET server is sending a response however the Rampart/Axis2 client cannot access this respons as an exception is thrown. Thanks and regards, Tim Munro Axis2/Rampart Client Request Message: ===================================== <MessageLogTraceRecord> <HttpRequest xmlns="http://schemas.microsoft.com/2004/06/ServiceModel/Management/MessageT race"> <Method>POST</Method> <QueryString></QueryString> <WebHeaders> <Transfer-Encoding>chunked</Transfer-Encoding> <Content-Type>text/xml; charset=UTF-8</Content-Type> <Host>secure.mywaynesworld.com</Host> <User-Agent>Axis2</User-Agent> <SOAPAction>"http://mydials.com/DataSubmissionApiContract/About";</SOAPAction > </WebHeaders> </HttpRequest> <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/";> <s:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecuri ty-secext-1.0.xsd" soapenv:mustUnderstand="1" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";> <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurit y-utility-1.0.xsd" wsu:Id="Timestamp-845718"> <wsu:Created>2007-07-05T09:27:17.375Z</wsu:Created> <wsu:Expires>2007-07-05T09:32:17.375Z</wsu:Expires> </wsu:Timestamp> <wsse:BinarySecurityToken> <!-- Removed --> </wsse:BinarySecurityToken> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; Id="Signature-33397973"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:CanonicalizationMet hod> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1";></ds:SignatureMethod> <ds:Reference URI="#Timestamp-845718"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";></ds:DigestMethod> <ds:DigestValue>5jOTw/Sj5qIdtFjOp0XR+wG9uoI=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>U34KB5TaGgAtM7pSfbH3Ylv3HvPr6XPWV5Uu7SRsNZkyXlt4xXO3ZJM0D tn0SBaIoxWxNH5PLXgz 0noMKD61eUYK0zAfFXNi+HG7cmRZok9pX1W8hoUsXkfDVlZyoE8CPtvG6R7+pQ4CuIB9L7UQWfy3 msZaVcaRyqMmygILtvU= </ds:SignatureValue> <ds:KeyInfo Id="KeyId-21197390"> <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurit y-utility-1.0.xsd" wsu:Id="STRId-17134341"> <wsse:Reference URI="#CertId-18364848" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-toke n-profile-1.0#X509v3"></wsse:Reference> </wsse:SecurityTokenReference> </ds:KeyInfo> </ds:Signature> </wsse:Security> <To s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none";>https://stag ing-server/Services/DataSubmissionService.svc</To> <Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none";>http://mydia ls.com/DataSubmissionApiContract/About</Action> </s:Header> <soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";> <About xmlns="http://mydials.com/";></About> </soapenv:Body> </s:Envelope> </MessageLogTraceRecord> .NET Web Service Response Message: ================================== <MessageLogTraceRecord> <Addressing xmlns="http://schemas.microsoft.com/2004/06/ServiceModel/Management/MessageT race"> <Action>http://mydials.com/DataSubmissionApiContract/AboutResponse</Action> </Addressing> <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity- utility-1.0.xsd"> <s:Header> <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity- secext-1.0.xsd"> <u:Timestamp u:Id="_0"> <u:Created>2007-07-05T09:28:25.625Z</u:Created> <u:Expires>2007-07-05T09:33:25.625Z</u:Expires> </u:Timestamp> </o:Security> </s:Header> <s:Body> <AboutResponse xmlns="http://mydials.com/";> <AboutResult>myDIALS DataSubmissionApi0.1.1348.0X509CN=mydials.tenant.waynesworld; 73B306B0F2E9A537E4AA57C55856B814FBC6ED69</AboutResult> </AboutResponse> </s:Body> </s:Envelope> </MessageLogTraceRecord>
