当客户端设置为未来日期时间与服务器时,是否有最大时间戳有效期

本文关键字:是否 有效期 时间戳 服务器 设置 客户端 未来 日期 时间 | 更新日期: 2023-09-27 18:33:48

我们在自定义绑定上设置安全性,如下所示:

var lSecurity = lCustomBinding.Elements.Find<TransportSecurityBindingElement>();
                lSecurity.LocalClientSettings.DetectReplays = false;
                lSecurity.LocalServiceSettings.DetectReplays = false;
                lSecurity.LocalClientSettings.TimestampValidityDuration = TimeSpan.FromDays(7);
                lSecurity.LocalServiceSettings.TimestampValidityDuration = TimeSpan.FromDays(7);
                lSecurity.LocalClientSettings.MaxClockSkew = TimeSpan.FromDays(7);
                lSecurity.LocalServiceSettings.MaxClockSkew = TimeSpan.FromDays(7);
现在

我们发现,如果我们通过将客户端设置回从现在到 7 天的任何位置来测试上述内容,它就可以工作。但是,当我们将客户端设置为未来 9 小时以上的任何时间时,我们就会得到一个异常。

我们唯一发现的是另一个线程末尾的一些晦涩引用:

http://social.msdn.microsoft.com/Forums/en/wcf/thread/7c3a7a7e-b9a5-4198-9a29-c6d4e408d36d

有人有什么想法吗?

更新:我们得到的异常现在添加在下面。服务器似乎拒绝了客户端消息:

System.ServiceModel.Security.MessageSecurityException occurred
  Message=An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.
  Source=mscorlib
  StackTrace:
    Server stack trace: 
       at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout)
       at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionSecurityTokenProvider.DoOperation(SecuritySessionOperation operation, EndpointAddress target, Uri via, SecurityToken currentToken, TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionSecurityTokenProvider.RenewTokenCore(TimeSpan timeout, SecurityToken tokenToBeRenewed)
       at System.IdentityModel.Selectors.SecurityTokenProvider.RenewToken(TimeSpan timeout, SecurityToken tokenToBeRenewed)
       at System.ServiceModel.Security.SecuritySessionClientSettings`1.ClientSecuritySessionChannel.RenewKey(TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionClientSettings`1.ClientSecuritySessionChannel.SecureOutgoingMessage(Message& message, TimeSpan timeout)
       at System.ServiceModel.Security.SecuritySessionClientSettings`1.ClientSecurityDuplexSessionChannel.Send(Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ClientReliableChannelBinder`1.DuplexClientReliableChannelBinder`1.OnSend(TDuplexChannel channel, Message message, TimeSpan timeout)
       at System.ServiceModel.Channels.ReliableChannelBinder`1.Send(Message message, TimeSpan timeout, MaskingMode maskingMode)
       at System.ServiceModel.Channels.SendReceiveReliableRequestor.OnRequest(Message request, TimeSpan timeout, Boolean last)
       at System.ServiceModel.Channels.ReliableRequestor.Request(TimeSpan timeout)
       at System.ServiceModel.Channels.ClientReliableSession.Open(TimeSpan timeout)
       at System.ServiceModel.Channels.ClientReliableDuplexSessionChannel.OnOpen(TimeSpan timeout)
       at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
       at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
       at System.ServiceModel.Channels.ServiceChannel.EnsureOpened(TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
       at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
       at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
    Exception rethrown at [0]: 
       at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
       at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
       at CompuLoan.Maintenance.IMaintenanceService.IsLicensed(String pHardwareId, Boolean pUseLicense)
       at CompuLoan.Maintenance.MaintenanceServiceClient.IsLicensed(String pHardwareId, Boolean pUseLicense) in C:'Development'compuloan'Source'CompuLoan'Service References'Maintenance'Reference.cs:line 5156
       at CompuLoan.App.IsLicensed(Boolean pUseLicense) in C:'Development'compuloan'Source'CompuLoan'App.xaml.cs:line 365
  InnerException: System.ServiceModel.FaultException
       Message=The security context token is expired or is not valid. The message was not processed.
       InnerException:

当客户端设置为未来日期时间与服务器时,是否有最大时间戳有效期

这是会话密钥的过期时间,它不同于时间戳。例如,关闭 establishSecurityContext(或不使用 CreateSecureConversationSecurity),则不应获得此异常。

否则,请尝试增加其他值,例如 InactivityTimeout、IssuedCookieLifetime、协商超时、SessionKeyRenewalInterval 和 SessionKeyRolloverInterval。

如果在服务器上打开 WCF 跟踪并查看错误的确切堆栈跟踪,也许我们可以滴落到确切的属性。

相关文章: