ws-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1703134 - in /webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src: main/java/org/apache/wss4j/dom/validate/TimestampValidator.java test/java/org/apache/wss4j/dom/misc/FaultCodeTest.java
Date Tue, 15 Sep 2015 09:48:11 GMT
Author: coheigea
Date: Tue Sep 15 09:48:10 2015
New Revision: 1703134

URL: http://svn.apache.org/r1703134
Log:
[WSS-554] - Improved error message for timestamp in the future

Modified:
    webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/TimestampValidator.java
    webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/FaultCodeTest.java

Modified: webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/TimestampValidator.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/TimestampValidator.java?rev=1703134&r1=1703133&r2=1703134&view=diff
==============================================================================
--- webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/TimestampValidator.java
(original)
+++ webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/main/java/org/apache/wss4j/dom/validate/TimestampValidator.java
Tue Sep 15 09:48:10 2015
@@ -57,13 +57,21 @@ public class TimestampValidator implemen
         }
         
         Timestamp timeStamp = credential.getTimestamp();
-        // Validate whether the security semantics have expired
-        if (timeStampStrict && timeStamp.isExpired()
-            || !timeStamp.verifyCreated(timeStampTTL, futureTimeToLive)) {
+        
+        // See if the Timestamp has expired
+        if (timeStampStrict && timeStamp.isExpired()) {
+            throw new WSSecurityException(
+                WSSecurityException.ErrorCode.MESSAGE_EXPIRED,
+                "invalidTimestamp",
+                new Object[] {"The message timestamp has expired"});
+        }
+        
+        // Validate the Created date
+        if (!timeStamp.verifyCreated(timeStampTTL, futureTimeToLive)) {
             throw new WSSecurityException(
                 WSSecurityException.ErrorCode.MESSAGE_EXPIRED,
                 "invalidTimestamp",
-                new Object[] {"The security semantics of the message have expired"});
+                new Object[] {"The message timestamp is out of range"});
         }
         
         if (data.isRequireTimestampExpires() && timeStamp.getExpires() == null) {

Modified: webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/FaultCodeTest.java
URL: http://svn.apache.org/viewvc/webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/FaultCodeTest.java?rev=1703134&r1=1703133&r2=1703134&view=diff
==============================================================================
--- webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/FaultCodeTest.java
(original)
+++ webservices/wss4j/branches/2_0_x-fixes/ws-security-dom/src/test/java/org/apache/wss4j/dom/misc/FaultCodeTest.java
Tue Sep 15 09:48:10 2015
@@ -125,7 +125,7 @@ public class FaultCodeTest extends org.j
             fail("Failure expected on an expired message");
         } catch (WSSecurityException ex) {
             assertTrue(ex.getErrorCode() == WSSecurityException.ErrorCode.MESSAGE_EXPIRED);
-            assertEquals("Invalid timestamp: The security semantics of the message have expired",
ex.getMessage());
+            assertEquals("Invalid timestamp: The message timestamp has expired", ex.getMessage());
             QName faultCode = new QName(WSConstants.WSSE_NS, "MessageExpired");
             assertTrue(ex.getFaultCode().equals(faultCode));
         }



Mime
View raw message