Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / September 2004

Tip: Looking for answers? Try searching our database.

Flushing WSE security token cache

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
KyleB - 10 Sep 2004 23:20 GMT
Running into a problem where a username token is used to
authenticate/encrypt a message to a web service. a custom token manager
looks up the password (token was configured to SendNone) in a database. this
all works fine. however if the user then goes and changes that password then
re-tries the request the server has the old token cached. I can't find how
to reset this or have some method called in my custom username token manager
so i can check if passwords have changed. the only thing we've found to work
is if the IIS cache is flushed after the database password update, then WSE
will call my username token manager so i can query the database for the
password.
Questions are:
Does anyone know how to programmatically flush the IIS cache?
Does anyone know how to force WSE to call my username token manager?
Is there some way that I can re-set the WSE token caceh so that my username
token manager is called?

Thanks,
Kyle Brandon
Reply to this Message
Paul Linhardt - 16 Sep 2004 21:31 GMT
Kyle,

Are you sure your problem is the IIS Cache?  That doesn't sound right.

Maybe you should make your client user logout and log back in when he
changes his password.

Before calling the Web Service with a new token, make sure the client
removes the old token from the context and adds the new one:

 ws.RequestSoapContext.Security.Tokens.Clear()
 ws.RequestSoapContext.Security.Tokens.Add(token)

Here is an article on how to let database triggers let your
server-code know that data has been changed.  Perhaps it will be of
help:

 http://msdn.microsoft.com/msdnmag/issues/03/04/wickedcode/

Good Luck,
-Paul

> Running into a problem where a username token is used to
> authenticate/encrypt a message to a web service. a custom token manager
[quoted text clipped - 14 lines]
> Thanks,
> Kyle Brandon
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.