Hi All, We are having some clock skew issues using ws-security between our clients and stss/services.
We were thinking in updating the object WSSConfig that WSS4J is receiving (through CXF) or updating the UsernameTokenValidator, but we are wondering what's the relation between the properties ws-security.timestamp.timeToLive and ws-security.timestamp.futureTimeToLive with the object WSSConfig received by WSS4J. We were expecting that these properties are used to configure WSSConfig object but apparently that WSSConfig is always created by default. Also the option timeStampStrict seems to be not updated from CXF. Any thoughts on that? Thanks, Freddy -- View this message in context: http://cxf.547215.n5.nabble.com/changing-WSSConfig-tp5744735.html Sent from the cxf-user mailing list archive at Nabble.com.
