[XWSS-56] Timestamp Validation error in Samoa Timezone Created: 21/Mar/12  Updated: 21/Mar/12

Status: Open
Project: xwss
Component/s: None
Affects Version/s: current
Fix Version/s: None

Type: Bug Priority: Major
Reporter: armcd5712 Assignee: Unassigned
Resolution: Unresolved Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Netbeans 7.1.1, Glassfish 3.1.2, JDK 7 update 3, Windows 7 x64



 Description   

Samoa changed timezone late 2011 and are currently UTC +13

Our web services are secured with Username Authentication with Symmetric Key using Development Defaults.

Attempting to run the our application in the Samoa time zone gives the exceptions noted below. The errors do not occur if the timezone is set to New Zealand (UTC + 12)

> Error after changing timezone to Samoa and running application without restarting Glassfish...

Mar 21, 2012 11:07:48 PM com.sun.xml.wss.impl.misc.DefaultCallbackHandler validateCreationTime
SEVERE: WSS1515: The creation time is older than currenttime - timestamp-freshness-limit - max-clock-skew"
Mar 21, 2012 11:07:48 PM com.sun.xml.wss.impl.misc.DefaultCallbackHandler validateCreationTime
SEVERE: Creation time:Wed Mar 21 09:07:47 WSDT 2012
Mar 21, 2012 11:07:48 PM com.sun.xml.wss.impl.misc.DefaultCallbackHandler validateCreationTime
SEVERE: Current time:Wed Mar 21 09:57:48 WSDT 2012
Mar 21, 2012 11:07:48 PM com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl validateTimestamp
SEVERE: WSS0229: Exception occured in validating Timestamp
com.sun.xml.wss.impl.callback.TimestampValidationCallback$TimestampValidationException: The creation time is older than currenttime - timestamp-freshness-limit - max-clock-skew
at com.sun.xml.wss.impl.misc.DefaultCallbackHandler.validateCreationTime(DefaultCallbackHandler.java:1555)
at com.sun.xml.wss.impl.misc.DefaultCallbackHandler$DefaultTimestampValidator.validate(DefaultCallbackHandler.java:1519)
at com.sun.xml.wss.impl.callback.TimestampValidationCallback.getResult(TimestampValidationCallback.java:75)
at com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl.validateTimestamp(DefaultSecurityEnvironmentImpl.java:1432)
at com.sun.xml.ws.security.opt.impl.incoming.TimestampHeader.validate(TimestampHeader.java:109)
at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.handleSecurityHeader(SecurityRecipient.java:334)
at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.cacheHeaders(SecurityRecipient.java:275)
at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.validateMessage(SecurityRecipient.java:225)
at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.verifyInboundMessage(SecurityTubeBase.java:449)
at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processClientResponsePacket(SecurityClientTube.java:434)
at com.sun.xml.wss.jaxws.impl.SecurityClientTube.processResponse(SecurityClientTube.java:362)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:651)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:600)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:585)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:482)
at com.sun.xml.ws.client.Stub.process(Stub.java:323)
at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:161)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:113)
at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:93)
at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:144)
at $Proxy43.checkConnection(Unknown Source)
at org.sola.services.boundary.wsclients.SearchClientImpl.checkConnection(SearchClientImpl.java:80)
at org.sola.services.boundary.wsclients.WSManager.initWebServices(WSManager.java:110)
at org.sola.clients.beans.security.SecurityBean.authenticate(SecurityBean.java:124)
at org.sola.clients.beans.security.SecurityBean.authenticate(SecurityBean.java:104)
at org.sola.clients.swing.ui.security.LoginPanel$1.doTask(LoginPanel.java:100)
at org.sola.clients.swing.ui.security.LoginPanel$1.doTask(LoginPanel.java:90)
at org.sola.clients.swing.common.tasks.SolaTask$1.doInBackground(SolaTask.java:153)
at javax.swing.SwingWorker$1.call(SwingWorker.java:296)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
at java.util.concurrent.FutureTask.run(FutureTask.java:166)
at javax.swing.SwingWorker.run(SwingWorker.java:335)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
at java.lang.Thread.run(Thread.java:722)

javax.xml.ws.WebServiceException: com.sun.xml.wss.impl.WssSoapFaultException: The creation time is older than currenttime - timestamp-freshness-limit - max-clock-skew

> Error after changing timezone to Samoa and restarting Glassfish before running the application...

SEVERE: WSITPVD0035: Error in Verifying Security in Inbound Message.
com.sun.xml.wss.impl.WssSoapFaultException: Invalid Security Header
at com.sun.xml.ws.security.opt.impl.util.SOAPUtil.newSOAPFaultException(SOAPUtil.java:159)
at com.sun.xml.wss.impl.misc.WSITProviderSecurityEnvironment.validateCreationTime(WSITProviderSecurityEnvironment.java:2636)
at com.sun.xml.wss.impl.misc.WSITProviderSecurityEnvironment.validateTimestamp(WSITProviderSecurityEnvironment.java:2496)
at com.sun.xml.ws.security.opt.impl.incoming.TimestampHeader.validate(TimestampHeader.java:109)
at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.handleSecurityHeader(SecurityRecipient.java:350)
at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.cacheHeaders(SecurityRecipient.java:291)
at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.validateMessage(SecurityRecipient.java:241)
at com.sun.xml.wss.provider.wsit.WSITServerAuthContext.verifyInboundMessage(WSITServerAuthContext.java:588)
at com.sun.xml.wss.provider.wsit.WSITServerAuthContext.validateRequest(WSITServerAuthContext.java:361)
at com.sun.xml.wss.provider.wsit.WSITServerAuthContext.validateRequest(WSITServerAuthContext.java:264)
at com.sun.enterprise.security.webservices.CommonServerSecurityPipe.processRequest(CommonServerSecurityPipe.java:173)
at com.sun.enterprise.security.webservices.CommonServerSecurityPipe.process(CommonServerSecurityPipe.java:144)
at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:119)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:961)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:910)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:873)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:775)
at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:386)
at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:640)
at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:263)
at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:163)
at org.glassfish.webservices.JAXWSServlet.doPost(JAXWSServlet.java:145)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:688)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:770)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1542)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:849)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:746)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1045)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:228)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
at java.lang.Thread.run(Thread.java:722)



 Comments   
Comment by armcd5712 [ 21/Mar/12 ]

Wrong project - my bad. Have added to the WSIT project (http://java.net/jira/browse/WSIT-1615). Please close

Generated at Sat May 30 11:13:24 UTC 2015 using JIRA 6.2.3#6260-sha1:63ef1d6dac3f4f4d7db4c1effd405ba38ccdc558.