return;
}
// Find the Timestamp
List<WSSecurityEngineResult> foundResults = wsDocInfo.getResultsByTag(WSConstants.TS);
Timestamp timeStamp = null;
if (foundResults.isEmpty()) {
// Search for a Timestamp below the Signature
Node sibling = signatureElement.getNextSibling();
while (sibling != null) {
if (sibling instanceof Element
&& WSConstants.TIMESTAMP_TOKEN_LN.equals(((Element)sibling).getLocalName())
&& WSConstants.WSU_NS.equals(((Element)sibling).getNamespaceURI())) {
timeStamp = new Timestamp((Element)sibling, requestData.getWssConfig().isWsiBSPCompliant());
break;
}
sibling = sibling.getNextSibling();
}
} else {
timeStamp = (Timestamp)foundResults.get(0).get(WSSecurityEngineResult.TAG_TIMESTAMP);
}
if (timeStamp == null) {
return;
}
// Test for replay attacks
Date created = timeStamp.getCreated();
DateFormat zulu = new XmlSchemaDateFormat();
String identifier = zulu.format(created) + "" + Arrays.hashCode(signatureValue);
if (replayCache.contains(identifier)) {
throw new WSSecurityException(
WSSecurityException.INVALID_SECURITY,
"invalidTimestamp",
new Object[] {"A replay attack has been detected"}
);
}
// Store the Timestamp/SignatureValue combination in the cache
Date expires = timeStamp.getExpires();
if (expires != null) {
Date rightNow = new Date();
long currentTime = rightNow.getTime();
long expiresTime = expires.getTime();
replayCache.add(identifier, ((expiresTime - currentTime) / 1000L));