Re: Nonce and Created Values. General Questions

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Hervey Wilson [MSFT] (herveyw.nospam_at_online.microsoft.com)
Date: 09/29/04 

Date: Wed, 29 Sep 2004 11:42:48 -0700

Bakunin wrote:
> I have the exact same issue.
>
> I have set the replaydetection setting in my config file to false, and the
> constructor of my usernamemanager implementation sets everything to base
> implementation passing in XMLNode. I only override the ValidateToken method.
>
> public myUsernameTokenManager(XMLNodeList nodes) : base(nodes)
>
> protected override string validateToken(usernametoken p_token)
> However I get an error stating:
>
> The token must contain both a nonce and timestamp ....
>

The only place this exact error is issued is if replayDetection is
enabled for the UsernameToken and the incoming token does not contain a
Nonce and Created. Of course, if you have used the Hashed Password
option, or you have signed with the UsernameToken, then the Nonce and
Created will be required since they are used for key generation.

The replayDetection setting is read from configuration, if you have a
custom UsernameTokenManager you must implement the constructor that
accepts the configuration node list (as you appear to have done above):

public MyUsernameTokenManager(XmlNodeList configData) : base(configData)
{
     ...
}

The configuration entry in your app.config / web.config, for the default
UsernameTokenManager, would be:

<microsoft.web.services2>
   <security>
     <securityTokenManager
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
        qname="wsse:UsernameToken"
       <replayDection enabled="false" windowInSeconds="300" />
     </securityTokenManager>
   </security>
</microsoft.web.services2>

If you want a custom UsernameTokenManager, you should also specify the
type="" attribute on the <securityTokenManager> element.

I hope this helps. 

--
This posting is provided "AS IS", with no warranties, and confers no rights.

Relevant Pages

  • Re: Java Logger
    ... I am not using a console Handler in the code, ... it is not Java code. ... reading in the initial configuration. ... In other words, copy the code posted by Knute to the constructor of a class, say ...
    (comp.lang.java.programmer)
  • Re: Custom UsernamtTokenManager not being called in Windows service
    ... UsernameTokenManager does not get called? ... it is possible to use the same configuration as for an IIS Web ... >> I am now attempting to host the same SoapService code in a service, ... >> registering an endpoint as a SoapReceiver. ...
    (microsoft.public.dotnet.framework.webservices.enhancements)
  • Re: WSE 3.O Web Service with ASP.Net Client using VB.Net
    ... Yes, you have to implement a custom UsernameTokenManager class and then, ... configure it in the WSE configuration section. ... ASP.Net client using VB.Net. ... The Web Service has been configured as per instruction in the examples. ...
    (microsoft.public.dotnet.framework.webservices.enhancements)
  • Perl Class simple problem
    ... I'm trying to write a class for configuration values for ... different sites so that they can use the same conf class, ... I create an object and pass a value to my constructor like this: ... End of Perl Code ...
    (perl.beginners)
  • Class usable from all other class
    ... I create a class to manage configuration. ... For this, I have a constructor that create a dataset with all my parameters, ... And want to have a constructor (so impossible to have statict method) to ... retrieve all parameters. ...
    (microsoft.public.dotnet.languages.csharp)