Share via

<replayDetection> Element

  • Article

Controls whether to enable replay detection against the UsernameToken nonce for a period of time.

<microsoft.web.services3> Element
  <security> Element
    <securityTokenManager> Element
      <add> Element for <securityTokenManager>

<replayDetection 
  enabled="true|false" 
  windowInSeconds="300" />

Attributes and Elements

Attributes

Attribute Description

enabled

Required attribute. Set to true if replay detection should be enabled for the UsernameToken nonce; otherwise, false.

windowInSeconds

Required attribute. The time in seconds that replay detection is enabled against the UsernameToken nonce.

Child Elements

None.

Parent Elements

Element Description

<add> Element for <securityTokenManager>

Adds a user-supplied custom security token manager for an XML-based security token to the application domain.

Remarks

Before adding the <replayDetection> element to a configuration file, you must add the microsoft.web.services3 configuration section handler to the configuration file. For more information, see <section> Element.

Use the <replayDetection> element to specify that replay detection is enabled against the UsernameToken nonce. If this option is enabled, when a UsernameToken arrives, a check is performed as to whether the token creation time is within the reply window. If it is outside of the window, an error is generated and the token is considered invalid. If a nonce is reused within the replay window, a message is generated to note that a particular nonce value can only be used once within a given time period.

Example

The following code example specifies that replay detection is enabled and the window is set to 300 seconds for UsernameToken security tokens.

<configuration>
  <microsoft.web.services3>
    <security> 
      <securityTokenManager>
        <add localName="UsernameToken"
             type="Microsoft.Web.Services3.Security.Tokens.UsernameTokenManager, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" priority="1" group="0" 
             namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
          <replayDetection enabled="true" windowInSeconds="300" />
        </add>
      </securityTokenManager>
    </security>
  </microsoft.web.services3>
</configuration>

See Also

Reference

UsernameToken