AnsweredAssumed Answered

timestamp header issues

Question asked by sirdodger on Feb 12, 2008
Latest reply on Feb 12, 2008 by sirdodger
I am having problem with the timestamp in the security header when accessing Alfresco through the web services layer.

In particular, I have Alfresco running in a virtual machine, so its clock skew can be quite bad.  If the clock skews far enough backwards, Alfresco rejects connection attempts because the date in the header is in the future.

Is there a way to disable timestamp authentication in Alfresco?  (I understand the vulnerability to replay attacks, but in this case, the risk is minimal because networking is disabled.  When networking is present, it is possible to keep the clock synchronized.)

For reference, I am running the Tomcat bundled version of Alfresco under a Linux VMWare image.  I am connection to it using the Microsoft.Web.Services3 module under the .NET platform.

Outcomes