topic Re: TimeToLive not getting effect. in Talend Studio

TimeToLive not getting effect.

Anonymous — Sat, 16 Nov 2024 09:59:17 GMT

Hi All,
We are having problem with timetolive in talend esbruntime.
Is there way we can disable the timetolive.
I found one file at location etc\org.talend.esb.locator.cfg
There i changed the following code:
# If 'true' and one of the services (SOAP/REST) is installed
# then locator will perform checks on endpoints
# with expired time-to-live and remove them.
locator.endpoints.timetolive.check=true
# Interval for checks in seconds.
locator.endpoints.timetolive.interval=300
I tried making locator.endpoints.timetolive.check=false and restarting service also changing locator.endpoints.timetolive.interval=3600 and restarting service.
But its not working.
Does any one has idea regarding this?
Please let me know.
Thanking you in advance.

Re: TimeToLive not getting effect.

Anonymous — Tue, 21 Mar 2017 03:05:53 GMT

Hi,
You have to refresh the Locator bundle after the parameters change in the etc\org.talend.esb.locator.cfg, to make the changes take effect.
karaf@trun()> refresh locator
Then redeploy your Service again.
Regards.

Re: TimeToLive not getting effect.

Anonymous — Tue, 21 Mar 2017 07:06:21 GMT

Hi xldai,
Thanks for your reply.
i have tried karaf@trun()> refresh locator command and redeploy service but its not taking effect.
Actually i want to ignore the checking of <wsu:Created> from soap header for the request posted on Talend soap service. The soap header is like following:
<soapenv:Header>
<wsse ecurity soapenv:mustUnderstand="1" xmlns:wsse="" xmlns:wsu="">
<wsse:UsernameToken wsu:Id="UsernameToken-F3DD642F9E86D4CF28148967785889619">
<wsse:Username>abc</wsse:Username>
<wsse assword Type="">abc</wsse assword>
<wsse:Nonce EncodingType="">5sWcEMjw30Y7p4zfJZzAcQ==</wsse:Nonce>
<wsu:Created>2017-03-16T15:24:18.896Z</wsu:Created>
</wsse:UsernameToken>
</wsse ecurity>
</soapenv:Header>
Can you please suggest are we going on correct track? and also can you suggest how we can implement it.
Thanks !

Re: TimeToLive not getting effect.

Anonymous — Tue, 21 Mar 2017 07:39:40 GMT

Well, are you talking about the timestamp in the UsernameToken header? it's totally none relevent to the Locator configuration.
You have to describe your scenario in detail.
Regards.

Re: TimeToLive not getting effect.

Anonymous — Tue, 21 Mar 2017 10:46:26 GMT

ok
We have soap service which is running on https so that it can be accessed from internet.
And the problem is that the client making request on web service is not having internet time sync on their side and they include <wsu:Created> part in header so they get the following fault response as:
<faultcode xmlns:ns1="">ns1 ecurityError</faultcode>
<faultstring>A security error was encountered when verifying the message</faultstring>
So is their an way that even if the <wsu:Created> at xpath " /soapenv:Envelope/soapenv: Header/wsseecurity/wsse: UsernameToken/wsu:Created" node is mentioned in soap request header we can skip check on it and allow the webservice to work normally.

Re: TimeToLive not getting effect.

Anonymous — Wed, 22 Mar 2017 07:16:40 GMT

Hi,
The "Nonce" and "Created" is used for against replay attacks. there is a CXF WS-Security Configuration parameter "ws-security.timestamp.timeToLive" can be used to set the timeToLive, also there is a "ws-security.enable.timestamp.cache" can be used to enable/disable the timestamp cache. For detail here http://cxf.apache.org/docs/ws-securitypolicy.html
Have you created your Service using Studio? or you develop it with java/spring?
Regards.

Re: TimeToLive not getting effect.

Anonymous — Wed, 22 Mar 2017 11:24:24 GMT

Web service is created using Talend Open Studio.
Can you please suggest a way we can disable this?
Thanks !

Re: TimeToLive not getting effect.

Anonymous — Fri, 24 Mar 2017 03:28:45 GMT

Hi,
I would say there is no option to disable the "Nonce/Created" checking in the tESBProviderRequest component from Studio. and I don't think your use case is a valid usecase, from the UsernameTokenProfile spec ( http://docs.oasis-open.org/wss-m/wss/v1.1.1/os/wss-UsernameTokenProfile-v1.1.1-os.html) the Nonce/Created are optional element in the Soap Header of the request, if they are existing in the Header then the value of them should be make sure "correct" for validate.
So no offical support for your use case in the Studio, if you are seeking a tricky way, Like I said, we are using the CXF as backend lib to generate the source code of the Service, you may try to add these "ws-security.timestamp.timeToLive" CXF properties manually into the Service kar blueprint following the CXF docs, but not sue it really works we didn't test this.
Regards.

Re: TimeToLive not getting effect.

Anonymous — Mon, 27 Mar 2017 08:49:00 GMT

Hi,
ok thanks for your reply and suggestions .