Share via

<renewalWindowInSeconds> Element

  • Article

For KerberosToken and SecurityContextToken security tokens, specifies the period of time immediately prior to expiration, in which the security token should be renewed.

<microsoft.web.services2> Element
  <security> Element
    <binarySecurityTokenManager> Element
      <microsoft.web.services2> Element
        <security> Element
          <securityTokenManager> Element

<renewalWindowInSeconds>Number of seconds.</renewalWindowInSeconds>

Attributes and Elements

Attributes

None

Child Elements

None

Parent Elements

Element Description

<binarySecurityTokenManager> Element

Specifies a user-supplied binary custom security manager.

<securityTokenManager> Element

Specifies a user supplied XML-based custom security manager.

Text Value

The text value can be any integer greater than 0. The default value is 60. A text value is required.

Remarks

When WSE receives a KerberosToken or SecurityContextToken security token that was requested from a security token service and is within the renewal window, the security token is rejected and a SOAP fault is thrown back to the sender. The renewal window is the period of time immediately preceding expiration, as specified in the <renewalWindowInSeconds> configuration element.

When policy is configured for outgoing SOAP messages, WSE automatically requests a new SecurityContextToken security token when it requires renewal, which is indicated by the RequiresRenewal property.

Example

The following code example specifies that KerberosToken security tokens can be renewed within 2 minutes of the Kerberos ticket expiring.

<configuration>
  <microsoft.web.services2>
   <security>
      <binarySecurityTokenManager 
        valueType="https://schemas.xmlsoap.org/ws/2003/12/kerberos/Kerberosv5ST"
        type="Microsoft.Web.Services2.Security.Tokens.KerberosTokenManager, Microsoft.Web.Services2, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" priority="1" group="0" 
        xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
    <renewalWindowInSeconds>120</renewalWindowInSeconds>
      </binarySecurityTokenManager>
    </security>
  </microsoft.web.services2>
</configuration>

See Also

Reference

<binarySecurityTokenManager> Element