RE: WSE910 error due to time zone differences between client/serve



Continuing my previous concern regarding the ability for someone to edit the
.config file and thus log network traffic; in general I am concerned about
security risks regarding the .config files. Is it possible to not use config
files and just have the same options "hardcoded" in the application so they
are not editable?

For example: application.exe.config & wse3policyCache.config
--
Thank you.


"John K" wrote:

I have one new question, is there a way to disable the ability to enable
message tracing for a deployed application (e.g. disable ability to generate
the InputTrace.webinfo, OutputTrace.webinfo files)? This is a security risk
as a malicious user could add the lines listed below in the application's
.config file and thus "log" all transactions between the server and client,
which in my case contains sensitive information and then the malicious user
could then grab the files later. I know it is meant to diagnose problems,
but in a deployed application, a knowledgeable hacker could very easily get
sensitive information.

Also, my time problem has been solved. I was testing in Virtual PC using
another time zone, but the clock kept synchronizing to my current time zone's
time, thus being off 1 hour, causing the error. I am unable to prevent an
automatic time synchronization in XP. I disabled the Windows Time service and
also unchecked "synchronize time" in the clock, but apparently some other
computer on the network transmits "time", which XP automatically uses to make
sure time is correct; but unfortunately it is not since my Virtual computer
is in another time zone.

<diagnostics>
<trace enabled="true" input="C:\InputTrace.webinfo"
output="C:\OutputTrace.webinfo" />
</diagnostics>

--
Thank you.
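
A defender-side check for the setting described in the post above, as an added example that is not part of the original thread: it scans deployed *.config files and reports any that switch on the <diagnostics><trace> element. The sample config and its wrapping section names are constructed for the example, and the function names are hypothetical.

```python
import os
import xml.etree.ElementTree as ET

# Constructed sample config. The <diagnostics> block is the one quoted in the
# post; the wrapping section names are assumptions made for this example.
SAMPLE_CONFIG = r"""<configuration>
  <system.diagnostics>
    <trace autoflush="true" />
  </system.diagnostics>
  <microsoft.web.services3>
    <diagnostics>
      <trace enabled="true" input="C:\InputTrace.webinfo"
             output="C:\OutputTrace.webinfo" />
    </diagnostics>
  </microsoft.web.services3>
</configuration>"""


def find_enabled_tracing(config_xml):
    """Return the input/output paths of every enabled <diagnostics><trace>."""
    findings = []
    # Only a parent named exactly "diagnostics" counts, so the unrelated
    # <system.diagnostics><trace> element is not reported.
    for diag in ET.fromstring(config_xml).iter("diagnostics"):
        for trace in diag.findall("trace"):
            if trace.get("enabled", "").strip().lower() == "true":
                findings.append((trace.get("input"), trace.get("output")))
    return findings


def audit_tree(top):
    """Walk `top` and report each *.config file with tracing switched on."""
    report = {}
    for folder, _dirs, files in os.walk(top):
        for name in files:
            if not name.lower().endswith(".config"):
                continue
            path = os.path.join(folder, name)
            try:
                with open(path, "rb") as handle:  # bytes: parser handles BOM
                    hits = find_enabled_tracing(handle.read())
            except (OSError, ET.ParseError) as err:
                report[path] = f"unreadable: {err}"  # a bad edit can break XML
                continue
            if hits:
                report[path] = hits
    return report
```
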


"Steven Cheng[MSFT]" wrote:

Hello John,

From your description, you're experiencing the WSE SOAP message time
synchronization problem between service client and server.

As you mentioned, the client machine and server machine have been configured
to use different time zones, but have synchronized the clock to the same
time (converted UTC), correct? If so, this should be OK for the client and
server to communicate through WSE, because the WSE SOAP message will send the
timestamp header in the form of UTC time format, e.g.

# there is no timezone offset in the time (it is in UTC format)
================
<soap:Header>
................
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp
wsu:Id="Timestamp-b2b4ab61-bb08-48a0-9975-6d1ac739c930">
<wsu:Created>2006-12-06T06:24:00Z</wsu:Created>
<wsu:Expires>2006-12-06T06:29:00Z</wsu:Expires>
</wsu:Timestamp>
...........
=====================

You can turn on the message tracing in your WSE service application and
check the timestamp in the SOAP value and verify whether the value is correctly
in UTC time. Also, if the value is sent via UTC, you can further check
whether the message's arrival time (logged time) is within the
creation-expires range.

Please feel free to post here if there is any other finding.


Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead
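
The check suggested in the reply above (is the logged arrival time inside the Created/Expires window?), as an added example that is not part of the original thread. It uses the Timestamp values quoted in the reply; the function names and the `skew` parameter are hypothetical.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

# WS-Security utility namespace that the wsu: prefix is bound to.
WSU = ("http://docs.oasis-open.org/wss/2004/01/"
       "oasis-200401-wss-wssecurity-utility-1.0.xsd")

# Constructed sample: the Timestamp quoted in the reply, with the namespace
# declaration added so the fragment parses on its own.
SAMPLE = f"""<wsu:Timestamp xmlns:wsu="{WSU}"
    wsu:Id="Timestamp-b2b4ab61-bb08-48a0-9975-6d1ac739c930">
  <wsu:Created>2006-12-06T06:24:00Z</wsu:Created>
  <wsu:Expires>2006-12-06T06:29:00Z</wsu:Expires>
</wsu:Timestamp>"""


def parse_utc(text):
    """Parse an xsd:dateTime and normalise to UTC; refuse zone-less values."""
    text = text.strip()
    if text.endswith("Z"):
        text = text[:-1] + "+00:00"
    value = datetime.fromisoformat(text)
    if value.tzinfo is None:
        raise ValueError("no 'Z' or offset, cannot compare across time zones")
    return value.astimezone(timezone.utc)


def check_timestamp(xml_text, arrival, skew=timedelta(0)):
    """Return (status, how far outside the window) for a logged arrival time.

    `skew` is a hypothetical clock-skew allowance, not a WSE setting name.
    """
    root = ET.fromstring(xml_text)
    tag = f"{{{WSU}}}Timestamp"
    stamp = root if root.tag == tag else root.find(f".//{tag}")
    if stamp is None:
        raise ValueError("no wsu:Timestamp element found")
    created = parse_utc(stamp.findtext(f"{{{WSU}}}Created", ""))
    expires = parse_utc(stamp.findtext(f"{{{WSU}}}Expires", ""))
    if arrival.tzinfo is None:
        raise ValueError("arrival time must carry a time zone")
    arrival = arrival.astimezone(timezone.utc)
    if arrival < created - skew:
        return "not-yet-valid", created - arrival
    if arrival > expires + skew:
        return "expired", arrival - expires
    return "ok", timedelta(0)
```

An arrival logged as 01:25 at UTC-5 is the same instant as 06:25Z and passes, while a clock that is one hour off puts the arrival 56 or 59 minutes outside the five-minute window.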


