<replayDetection> Element
Controls whether to enable replay detection against the UsernameToken nonce for a period of time.
<microsoft.web.services2> Element
<security> Element
<securityTokenManager> Element
<replayDetection
enabled="true|false"
windowInSeconds="300" />
Attributes and Elements
Attributes
| Attribute | Description |
|---|---|
enabled |
Required attribute. true if replay detection should be enabled for the UsernameToken nonce; otherwise, false. |
windowInSeconds |
Required attribute. The time in seconds that replay detection is enabled against the UsernameToken nonce. |
Child Elements
None
Parent Elements
| Element | Description |
|---|---|
Specifies a user supplied custom security token manager for an XML-based security token. |
Remarks
Before adding the <replayDetection> element to a configuration file, you must add the microsoft.web.services2 configuration section handler to the configuration file. For details about adding the microsoft.web.services2 configuration section handler, see <section> Element (WSE for Microsoft .NET).
Use the <replayDetection> element to specify that replay detection is enabled against the UsernameToken nonce. If this option is enabled, when a UsernameToken arrives, a check is performed as to whether the Token Creation time is within the reply window. If it is outside of the window, an error is generated and the token is considered invalid. If a nonce is reused within the replay window, a message is generated to note that a particular nonce value can only be used once within a given time period.
Example
The following code example specifies that replay detection is enabled and the window is set to 300 seconds.
<configuration>
<microsoft.web.services2>
<security>
<securityTokenManager>
<replayDetection enabled="true" windowInSeconds="300" />
</securityTokenManager>
</security>
</microsoft.web.services2>
</configuration>