xwss
  1. xwss
  2. XWSS-56

Timestamp Validation error in Samoa Timezone

    Details

    • Type: Bug Bug
    • Status: Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Affects Version/s: current
    • Fix Version/s: None
    • Component/s: None
    • Labels:
      None
    • Environment:

      Netbeans 7.1.1, Glassfish 3.1.2, JDK 7 update 3, Windows 7 x64

      Description

      Samoa changed timezone late 2011 and are currently UTC +13

      Our web services are secured with Username Authentication with Symmetric Key using Development Defaults.

      Attempting to run the our application in the Samoa time zone gives the exceptions noted below. The errors do not occur if the timezone is set to New Zealand (UTC + 12)

      > Error after changing timezone to Samoa and running application without restarting Glassfish...

      Mar 21, 2012 11:07:48 PM com.sun.xml.wss.impl.misc.DefaultCallbackHandler validateCreationTime
      SEVERE: WSS1515: The creation time is older than currenttime - timestamp-freshness-limit - max-clock-skew"
      Mar 21, 2012 11:07:48 PM com.sun.xml.wss.impl.misc.DefaultCallbackHandler validateCreationTime
      SEVERE: Creation time:Wed Mar 21 09:07:47 WSDT 2012
      Mar 21, 2012 11:07:48 PM com.sun.xml.wss.impl.misc.DefaultCallbackHandler validateCreationTime
      SEVERE: Current time:Wed Mar 21 09:57:48 WSDT 2012
      Mar 21, 2012 11:07:48 PM com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl validateTimestamp
      SEVERE: WSS0229: Exception occured in validating Timestamp
      com.sun.xml.wss.impl.callback.TimestampValidationCallback$TimestampValidationException: The creation time is older than currenttime - timestamp-freshness-limit - max-clock-skew
      at com.sun.xml.wss.impl.misc.DefaultCallbackHandler.validateCreationTime(DefaultCallbackHandler.java:1555)
      at com.sun.xml.wss.impl.misc.DefaultCallbackHandler$DefaultTimestampValidator.validate(DefaultCallbackHandler.java:1519)
      at com.sun.xml.wss.impl.callback.TimestampValidationCallback.getResult(TimestampValidationCallback.java:75)
      at com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl.validateTimestamp(DefaultSecurityEnvironmentImpl.java:1432)
      at com.sun.xml.ws.security.opt.impl.incoming.TimestampHeader.validate(TimestampHeader.java:109)
      at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.handleSecurityHeader(SecurityRecipient.java:334)
      at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.cacheHeaders(SecurityRecipient.java:275)
      at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.validateMessage(SecurityRecipient.java:225)
      at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.verifyInboundMessage(SecurityTubeBase.java:449)
      at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processClientResponsePacket(SecurityClientTube.java:434)
      at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processResponse(SecurityClientTube.java:362)
      at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:651)
      at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:600)
      at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:585)
      at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:482)
      at com.sun.xml.ws.client.Stub.process(Stub.java:323)
      at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:161)
      at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:113)
      at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:93)
      at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:144)
      at $Proxy43.checkConnection(Unknown Source)
      at org.sola.services.boundary.wsclients.SearchClientImpl.checkConnection(SearchClientImpl.java:80)
      at org.sola.services.boundary.wsclients.WSManager.initWebServices(WSManager.java:110)
      at org.sola.clients.beans.security.SecurityBean.authenticate(SecurityBean.java:124)
      at org.sola.clients.beans.security.SecurityBean.authenticate(SecurityBean.java:104)
      at org.sola.clients.swing.ui.security.LoginPanel$1.doTask(LoginPanel.java:100)
      at org.sola.clients.swing.ui.security.LoginPanel$1.doTask(LoginPanel.java:90)
      at org.sola.clients.swing.common.tasks.SolaTask$1.doInBackground(SolaTask.java:153)
      at javax.swing.SwingWorker$1.call(SwingWorker.java:296)
      at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
      at java.util.concurrent.FutureTask.run(FutureTask.java:166)
      at javax.swing.SwingWorker.run(SwingWorker.java:335)
      at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
      at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
      at java.lang.Thread.run(Thread.java:722)

      javax.xml.ws.WebServiceException: com.sun.xml.wss.impl.WssSoapFaultException: The creation time is older than currenttime - timestamp-freshness-limit - max-clock-skew

      > Error after changing timezone to Samoa and restarting Glassfish before running the application...

      SEVERE: WSITPVD0035: Error in Verifying Security in Inbound Message.
      com.sun.xml.wss.impl.WssSoapFaultException: Invalid Security Header
      at com.sun.xml.ws.security.opt.impl.util.SOAPUtil.newSOAPFaultException(SOAPUtil.java:159)
      at com.sun.xml.wss.impl.misc.WSITProviderSecurityEnvironment.validateCreationTime(WSITProviderSecurityEnvironment.java:2636)
      at com.sun.xml.wss.impl.misc.WSITProviderSecurityEnvironment.validateTimestamp(WSITProviderSecurityEnvironment.java:2496)
      at com.sun.xml.ws.security.opt.impl.incoming.TimestampHeader.validate(TimestampHeader.java:109)
      at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.handleSecurityHeader(SecurityRecipient.java:350)
      at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.cacheHeaders(SecurityRecipient.java:291)
      at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.validateMessage(SecurityRecipient.java:241)
      at com.sun.xml.wss.provider.wsit.WSITServerAuthContext.verifyInboundMessage(WSITServerAuthContext.java:588)
      at com.sun.xml.wss.provider.wsit.WSITServerAuthContext.validateRequest(WSITServerAuthContext.java:361)
      at com.sun.xml.wss.provider.wsit.WSITServerAuthContext.validateRequest(WSITServerAuthContext.java:264)
      at com.sun.enterprise.security.webservices.CommonServerSecurityPipe.processRequest(CommonServerSecurityPipe.java:173)
      at com.sun.enterprise.security.webservices.CommonServerSecurityPipe.process(CommonServerSecurityPipe.java:144)
      at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:119)
      at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:961)
      at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:910)
      at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:873)
      at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:775)
      at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:386)
      at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:640)
      at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:263)
      at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:163)
      at org.glassfish.webservices.JAXWSServlet.doPost(JAXWSServlet.java:145)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:688)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:770)
      at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1542)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
      at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
      at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
      at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
      at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
      at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:849)
      at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:746)
      at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1045)
      at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:228)
      at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
      at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
      at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
      at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
      at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
      at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
      at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
      at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
      at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
      at java.lang.Thread.run(Thread.java:722)

        Activity

          People

          • Assignee:
            Unassigned
            Reporter:
            armcd5712
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated: