Partager via


<limits> Element

Specifies the limitations on incoming SOAP messages.

<microsoft.web.services3> Element
  <security> Element

<limits maxSignedItems maxEncryptedItems maxTokens />

Attributes and Elements

Attributes

Attribute Description

maxSignedItems

Required attribute. Specifies the maximum number of items that are digitally signed in an incoming SOAP message. When the same item is signed more than once, it counts towards this limitation as many times as it is signed. A value of -1 specifies there is no limit. The default value is 16.

maxEncryptedItems

Required attribute. Specifies the maximum number of items that are encrypted in an incoming SOAP message. When the same item is encrypted more than once, it counts towards this limitation as many times as it is encrypted. A value of -1 specifies there is no limit. The default value is 5.

maxTokens

Required attribute. Specifies the maximum number of security tokens contained within an incoming SOAP message. A value of -1 specifies there is no limit. The default value is 5.

Child Elements

None

Parent Elements

Element Description

<security> Element

Controls the security settings for a WSE application.

Remarks

Use the <limits> element to help mitigate denial of service attacks that attempt to overload the computer hosting the Web service with SOAP messages that require a large amount of processing due to a large number of signatures, encrypted elements, or security tokens.

When a SOAP message is received that exceeds the specified limitations, a SOAP fault is returned to the sender. The SOAP fault code is set to Microsoft.Web.Services3.Security.SecurityFault.FailedAuthenticationCode when the number of security tokens is exceeded and Microsoft.Web.Services3.Security.SecurityFault.FailedCheckCode when the number of XML elements that are digitally signed or encrypted is exceeded.

Before adding the <limits> element to a configuration file, you must add the microsoft.web.services3 configuration section handler to the configuration file. For details about adding the microsoft.web.services3 configuration section handler, see <section> Element.

Example

The following code example specifies that all incoming SOAP messages contain no more than 10 XML elements that are digitally signed, 4 XML elements that are encrypted, and 2 security tokens.

<configuration>
  <microsoft.web.services3>
    <security> 
      <limits 
        maxSignedItems="10"
        maxEncryptedItems="4"
        maxTokens="2" />
    </security>
  </microsoft.web.services3>
</configuration>

See Also

Reference

<security> Element