Hi Glen,
Good point about the chronology.
An example from our time stamps is below. When we have no futureTimeToLive
set on the client, the call to the service won't even be made due to the
token being created in the future. When futureTimeToLive is set to 360
seconds, the client works as expected and sends the message to the service.
When no futureTimeToLive is set on the service, the token is rejected as
expected. Setting the futureTimeToLive to 360, the same exception occurs.
I have attached the stack trace for the service exception, as it appears as
though the exception is coming when checking the notBefore condition. Is
there another property which must be set to affect this calculation?
Host
Time
Client
14:56:30
STS
14:58:25
Service
14:56:20
Thanks,
Dan
http://cxf.547215.n5.nabble.com/file/n5712478/fttl_service.txt
fttl_service.txt
--
View this message in context:
http://cxf.547215.n5.nabble.com/futureTimeToLive-on-Service-Endpoints-tp5712429p5712478.html
Sent from the cxf-user mailing list archive at Nabble.com.
