Bewerken

Delen via


SecurityBindingElement.LocalServiceSettings Property

Definition

Gets the binding properties specific to local security settings used by the service.

public:
 property System::ServiceModel::Channels::LocalServiceSecuritySettings ^ LocalServiceSettings { System::ServiceModel::Channels::LocalServiceSecuritySettings ^ get(); };
public System.ServiceModel.Channels.LocalServiceSecuritySettings LocalServiceSettings { get; }
member this.LocalServiceSettings : System.ServiceModel.Channels.LocalServiceSecuritySettings
Public ReadOnly Property LocalServiceSettings As LocalServiceSecuritySettings

Property Value

The LocalServiceSecuritySettings object that represents the binding properties specific to local security settings used by the service.

Remarks

The settings are local because they are not published as part of the security policy of the service and do not affect the client's binding.

The following properties of the LocalServiceSecuritySettings object can help mitigate a denial-of-service (DOS) security attack:

  • MaxCachedCookies: controls the maximum number of time-bounded SecurityContextTokens that are cached by the server after doing SPNEGO or SSL negotiation.

  • IssuedCookieLifetime: controls the lifetime of the SecurityContextTokens that are issued by the server following SPNEGO or SSL negotiation. The server caches the SecurityContextTokens for this period of time.

  • MaxPendingSessions: controls the maximum number of secure conversations that are established at the server but for which no application messages have been processed. This quota prevents clients from establishing secure conversations at the service, thereby causing the service to maintain state for each client, but never using them.

  • InactivityTimeout: controls the maximum time that the service keeps a secure conversation alive without ever receiving an application message on it. This quota prevents clients from establishing secure conversations at the service, thereby causing the service to maintain state for each client, but never using them.

In a secure conversation session, note that both InactivityTimeout and the ReceiveTimeout property on the binding affect session timeout. The shorter of the two determines when timeouts occur.

Applies to