SecurityBindingElement.LocalServiceSettings Property
Definition
Important
Some information relates to prerelease product that may be substantially modified before it’s released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Gets the binding properties specific to local security settings used by the service.
public:
property System::ServiceModel::Channels::LocalServiceSecuritySettings ^ LocalServiceSettings { System::ServiceModel::Channels::LocalServiceSecuritySettings ^ get(); };public System.ServiceModel.Channels.LocalServiceSecuritySettings LocalServiceSettings { get; }member this.LocalServiceSettings : System.ServiceModel.Channels.LocalServiceSecuritySettingsPublic ReadOnly Property LocalServiceSettings As LocalServiceSecuritySettingsProperty Value
The LocalServiceSecuritySettings object that represents the binding properties specific to local security settings used by the service.
Remarks
The settings are local because they are not published as part of the security policy of the service and do not affect the client's binding.
The following properties of the LocalServiceSecuritySettings object can help mitigate a denial-of-service (DOS) security attack:
MaxCachedCookies: controls the maximum number of time-bounded
SecurityContextTokens that are cached by the server after doing SPNEGO or SSL negotiation.IssuedCookieLifetime: controls the lifetime of the
SecurityContextTokens that are issued by the server following SPNEGO or SSL negotiation. The server caches theSecurityContextTokens for this period of time.MaxPendingSessions: controls the maximum number of secure conversations that are established at the server but for which no application messages have been processed. This quota prevents clients from establishing secure conversations at the service, thereby causing the service to maintain state for each client, but never using them.
InactivityTimeout: controls the maximum time that the service keeps a secure conversation alive without ever receiving an application message on it. This quota prevents clients from establishing secure conversations at the service, thereby causing the service to maintain state for each client, but never using them.
In a secure conversation session, note that both InactivityTimeout and the ReceiveTimeout property on the binding affect session timeout. The shorter of the two determines when timeouts occur.
Applies to
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for