I'm trying to increase the MaxClockSkew for our WCF bindings through code in
my service host and client.
From various forums etc, I have got this far:
public static void InitializeEndpoint(ServiceEndpoint endpoint)
{
CustomBinding customBinding = new CustomBinding(endpoint.Binding);
SecurityBindingElement securityBinding =
customBinding.Elements.Find<SecurityBindingElement >();
securityBinding.LocalServiceSettings.MaxClockSkew =
TimeSpan.FromHours(1);
securityBinding.LocalClientSettings.MaxClockSkew =
TimeSpan.FromHours(1);
endpoint.Binding = customBinding;
}
However, this does not seem to do the trick. Running a client with a clock
out by 10 minutes still results in an error logged on the service and the
message states that the max skew is still the default 5 mins.
Looking at some other forums I can find information about having to set the
skew on a bootstrapper element as well, but that only seems to be for
SymmetricSecurityBindingElements, where as we are using
TransportWithMessageCredential resulting in a TransportSecurityBindingElement.
The configuration on my client is:
<system.serviceModel>
<client>
<endpoint
address="https://localhost/Diligent.Boardbooks.SiteService/SiteService.svc/SiteUN"
binding="wsHttpBinding" bindingConfiguration="WSUsernameMtomBinding"
contract="Diligent.Boardbooks.Services.SiteService .Proxy.ISiteServiceContract"
name="SiteServiceUN" />
</client>
<behaviors />
<bindings>
<wsHttpBinding>
<binding name="WSUsernameBinding" sendTimeout="00:05:00"
maxReceivedMessageSize="1048576">
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName"
establishSecurityContext="false" />
</security>
</binding>
<binding name="WSUsernameMtomBinding" sendTimeout="00:05:00"
maxReceivedMessageSize="67108864" messageEncoding="Mtom">
<readerQuotas maxDepth="512" maxStringContentLength="67108864"
maxArrayLength="67108864" maxBytesPerRead="67108864"
maxNameTableCharCount="65536" />
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName"
establishSecurityContext="false" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<services />
</system.serviceModel>
And on my service is:
<system.serviceModel>
<client>
</client>
<bindings>
<wsHttpBinding>
<binding name="WSMtomBinding" sendTimeout="00:05:00"
maxReceivedMessageSize="67108864"
messageEncoding="Mtom">
<readerQuotas maxDepth="512"
maxStringContentLength="67108864"
maxArrayLength="67108864"
maxBytesPerRead="67108864" maxNameTableCharCount="65536" />
<reliableSession enabled="false" />
<security mode="TransportWithMessageCredential">
<message establishSecurityContext="false" />
</security>
</binding>
<binding name="WSUsernameMtomBinding" sendTimeout="00:05:00"
maxReceivedMessageSize="67108864"
messageEncoding="Mtom">
<readerQuotas maxDepth="512"
maxStringContentLength="67108864"
maxArrayLength="67108864"
maxBytesPerRead="67108864" maxNameTableCharCount="65536" />
<reliableSession enabled="false" />
<security mode="TransportWithMessageCredential">
<message clientCredentialType="UserName"
establishSecurityContext="false" />
</security>
</binding>
</wsHttpBinding>
</bindings>
<behaviors>
<serviceBehaviors>
<behavior name="SiteService">
<serviceDebug includeExceptionDetailInFaults="true" />
<serviceMetadata httpGetEnabled="true"
httpsGetEnabled="true" />
<serviceCredentials>
<serviceCertificate
findValue="Diligent.Boardbooks.Services" x509FindType="FindBySubjectName" />
<issuedTokenAuthentication>
<knownCertificates>
<add
findValue="Diligent.Boardbooks.SecurityTokenServic e"
storeLocation="LocalMachine"
storeName="My"
x509FindType="FindBySubjectName" />
</knownCertificates>
</issuedTokenAuthentication>
</serviceCredentials>
<serviceThrottling maxConcurrentCalls="100"
maxConcurrentSessions="100" />
</behavior>
</serviceBehaviors>
</behaviors>
<services>
<service behaviorConfiguration="SiteService"
name="Diligent.Boardbooks.Services.SiteService.Imp lementation.SiteService">
<endpoint address="Site" binding="wsHttpBinding"
bindingConfiguration="WSMtomBinding"
name="SiteService"
contract="Diligent.Boardbooks.Services.SiteService .ServiceContracts.ISiteServiceContract" />
<endpoint address="SiteUN" binding="wsHttpBinding"
bindingConfiguration="WSUsernameMtomBinding"
name="SiteServiceUN"
contract="Diligent.Boardbooks.Services.SiteService .ServiceContracts.ISiteServiceContract" />
<endpoint address="InternalSite" binding="wsHttpBinding"
bindingConfiguration="WSMtomBinding"
name="InternalSiteService"
contract="Diligent.Boardbooks.Services.SiteService .ServiceContracts.IInternalSiteServiceContract" />
<endpoint address="InternalSiteUN" binding="wsHttpBinding"
bindingConfiguration="WSUsernameMtomBinding"
name="InternalSiteServiceUN"
contract="Diligent.Boardbooks.Services.SiteService .ServiceContracts.IInternalSiteServiceContract" />
<endpoint address="Test" binding="wsHttpBinding"
bindingConfiguration="WSUsernameMtomBinding"
name="TestService"
contract="Diligent.Boardbooks.Services.SiteService .ServiceContracts.ISiteServiceTestContract" />
</service>
</services>
</system.serviceModel>
Is there anything else I need to set on the binding or endpoint to get the
skew adjusted properly?
Many thanks,
Greg Jackman