Hi,
I know that if a timestamp element is included in the security header it
is checked against a time to live (default 5 minutes). Is there anything
built into wss4j to check the created timestamp of a UsernameToken in
the same way (as recommended by the OASIS spec), or is it up to users to
implement this if required? I had a look though the documentation but I
couldn't find anything, so I'm guessing the latter, but I just thought
I'd check before I implmented this myself.
Thanks,
Richard.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
