Domains: Web Service Security: Timestamp
Configuration Options Related Tasks Related Topics
Use this page to configure the timestamp properties of a Web Service security configuration.
When a client application invokes a WebLogic Web Service that has been configured for message-level security, WebLogic Server may also require and add timestamp information in the SOAP request and response.
Use this page to change the default values for the timestamp properties.
Name Description Clock Synchronized
Specifies whether the Web Service assumes synchronized clocks.
If the clockSynchronized attribute is false, the Web Service rejects all inbound messages with that contain expirations, because this is the only safe way to ensure that the message hasn't already expired. In this case, the Web Service also does not enforce a freshness policy.
If this attribute is set to true, then the Web Service enforces expirations on inbound messages to the best of its ability and enforces an optional freshness policy (via maxProcessingDelay).
The default value of this attribute is true.
ClockSkew takes precedence over ClockPrecision if both are defined, as ClockPrecision has been DEPRECATED.
If clocks are synchronized, this attribute describes the accuracy of the synchronization between two clocks: the client and the server.
ClockSkew is expressed in milliseconds. Clock skew is enforced by rendering all times into milliseconds since a common time 0 and using these times for comparisons. For example, if you're clocks are accurate to within 1 minute of each other, you would set your skew to 1 minute * 60 seconds * 1000 milliseconds or 60000.
Max Processing Delay
Specifies the freshness policy for received messages: the Web Serivce observes the processing delay by subtracting the Created time in the Timestamp from the current time.
If the observed processing delay is greater than maxProcessingDelay plus clockSkew, then the message is rejected as stale.
This attribute is specified in milliseconds.
Setting maxProcessingDelay to NO_MAX_PROCESSING_DELAY disables to enforcement of the freshenss policy.
Represents the length of time the sender wants the outbound message to be valid.
When the validityPeriod is positive, the TimestampHandler inserts an Expires element into the Timestamp header. The validityPeriod is expressed in seconds: the Expires time will be that many seconds ahead of the Timestamp's Created time.
- Create a Web Service security configuration
- Specify the key pair used to sign SOAP messages
- Specify the key pair used to encrypt SOAP messages
- Use a password digest in SOAP messages
- Use X.509 certificates to establish identity