Hi Marcin, Seems that error is caused by incorrect security headers order. Can you put wire message here?
Cheers, Andrei. > -----Original Message----- > From: marcin.kasinski [mailto:[email protected]] > Sent: Samstag, 1. Dezember 2012 14:18 > To: [email protected] > Subject: CXF WSS4J and timestampStrict > > I have simple cxf service configured with action "Timestamp Signature > Encrypt". > > In spring configuration I added <entry key="timestampStrict" > value="false"/>, because in requests sometimes there is no Timestamp > header. > > > From documentation I can read : timestampStrict: Set whether to enable > strict Timestamp handling. Default is "true". > > Problem is that if there is no timestamp header in request I get error: > > > Caused by: org.apache.ws.security.WSSecurityException: An error was > discovered processing the <wsse:Security> header > at > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.checkActions(WSS4JInI > nterceptor.java:380) > at > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4 > JInInterceptor.java:301) > ... 28 more > > gru 01 > > > Having timestamp header in request everything works fine. > > Can you explain it please? > > > > > > ----- > > Regards > Marcin Kasinski > http://itzone.com.pl > -- > View this message in context: http://cxf.547215.n5.nabble.com/CXF-WSS4J- > and-timestampStrict-tp5719532.html > Sent from the cxf-dev mailing list archive at Nabble.com.
