Hullo,
I am trying to stream large files over a secured connection, and I am
finding that if the transfer takes a certain amount of time (due to the file
size or slow connection), I get the following exception:
[#|2012-10-24T10:38:06.265-0400|WARNING|glassfish3.1.2|org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor|_ThreadID=111;_ThreadName=Thread-2;|org.apache.ws.security.WSSecurityException:
The message has expired (WSSecurityEngine: Invalid timestamp The security
semantics of the message have expired)
at
org.apache.ws.security.validate.TimestampValidator.validate(TimestampValidator.java:62)
at
org.apache.ws.security.processor.TimestampProcessor.handleToken(TimestampProcessor.java:62)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:397)
This occurs AFTER the file has been streamed successfully into the
CachedOutputStream.OutputDirectory. Is this the correct behavior?
Shouldn't timestamp validation occur before the file is streamed as the
transfer could take a while?
I am planning to alleviate this problem by increasing the <Expires> date in
the timestamp, but I'm wondering if there's a better way of solving this
problem...
In addition, I noticed that often when the connection fails during a large
file transfer (such as the one above), the temp files were never deleted and
trying to delete it manually fails due to it being locked.
Thanks for any help you can give.
--
View this message in context:
http://cxf.547215.n5.nabble.com/WSS4J-Timestamp-expiring-before-large-file-transfer-finishes-tp5717348.html
Sent from the cxf-user mailing list archive at Nabble.com.
