Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / December 2004

Tip: Looking for answers? Try searching our database.

Need for programmatic config:timeToleranceInSeconds, MaxRequestLen

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
drkraus - 08 Dec 2004 00:19 GMT
In another thread I have documented my struggle and success at finding a way
to programmatically alter the read only property MaxRequestLengthInBytes
(Microsoft.Web.Services2.Configuration.WebServicesConfiguration.MessagingConfiguration.MaxRequestLengthInBytes)
using reflection to access a private data member, in order to allow larger
size DIME attachements.

Now I am trying to figure out how to set timeToleranceInSeconds. It seems
that setting wsproxy.RequestSoapContext.Security.Timestamp.TtlInSeconds sets
the defaultTtlInSeconds config parm, but that there isn't a way, that I have
found to do the same for timeToleranceInSeconds. Clock drift of more than 5
minutes isn't too uncommon, so I was thinking of uping the value to avoid
message expiration problems.

Anyway, the common thread here is that, yes, this can be done in the
web.config and the app.config files to solve these problems, but in my case,
when the client is an Excel add-in, creating an excel.exe.config file, or
altering machine.config isn't kosher since other add-ins or client users may
want different settings.

So I have a specific questions and a general one for any Microsoft guru's
out there.
1. Specific: Is there a way to set timeToleranceInSeconds programmatically?
If not directly, then via reflection (the class location of the property
would help me).

2. Does it make sense to request a change from Microsoft to enable better
programmatic manipulation of these kinds of config parameters?

thanks, Dave
Reply to this Message
Dan Rogers - 08 Dec 2004 00:56 GMT
Hi Dave,

Interesting requirements.  Would a per-site/config value for these make
sense?  I think the thinking right now is that these are administrator
and/or business policy type settings that you may not want a programmer or
application to be able to override.

Thoughts?

Dan Rogers
Microsoft Corporation
--------------------
Thread-Topic: Need for programmatic config:timeToleranceInSeconds,
MaxRequestLen
thread-index: AcTcu4f8VZA0MUw9QCyRyEgzmboVQA==
X-WBNR-Posting-Host: 4.43.44.35
From: "=?Utf-8?B?ZHJrcmF1cw==?=" <drkraus@nospam.nospam>
Subject: Need for programmatic config:timeToleranceInSeconds, MaxRequestLen
Date: Tue, 7 Dec 2004 16:19:07 -0800
Lines: 30
Message-ID: <30AB465D-A703-4943-B259-C588C7CAE6BC@microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain;
    charset="Utf-8"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
Newsgroups: microsoft.public.dotnet.framework.webservices.enhancements
NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.1.29
Path: cpmsftngxa10.phx.gbl!TK2MSFTNGXA03.phx.gbl
Xref: cpmsftngxa10.phx.gbl
microsoft.public.dotnet.framework.webservices.enhancements:5076
X-Tomcat-NG: microsoft.public.dotnet.framework.webservices.enhancements

In another thread I have documented my struggle and success at finding a
way
to programmatically alter the read only property MaxRequestLengthInBytes
(Microsoft.Web.Services2.Configuration.WebServicesConfiguration.MessagingCon
figuration.MaxRequestLengthInBytes)
using reflection to access a private data member, in order to allow larger
size DIME attachements.

Now I am trying to figure out how to set timeToleranceInSeconds. It seems
that setting wsproxy.RequestSoapContext.Security.Timestamp.TtlInSeconds
sets
the defaultTtlInSeconds config parm, but that there isn't a way, that I
have
found to do the same for timeToleranceInSeconds. Clock drift of more than 5
minutes isn't too uncommon, so I was thinking of uping the value to avoid
message expiration problems.

Anyway, the common thread here is that, yes, this can be done in the
web.config and the app.config files to solve these problems, but in my
case,
when the client is an Excel add-in, creating an excel.exe.config file, or
altering machine.config isn't kosher since other add-ins or client users
may
want different settings.

So I have a specific questions and a general one for any Microsoft guru's
out there.
1. Specific: Is there a way to set timeToleranceInSeconds programmatically?
If not directly, then via reflection (the class location of the property
would help me).

2. Does it make sense to request a change from Microsoft to enable better
programmatic manipulation of these kinds of config parameters?

thanks, Dave
Reply to this Message
drkraus - 08 Dec 2004 17:23 GMT
Hi Dan,

Well, it did bother me a bit that I could override a read-only property
using reflection, but only in principle.

A little more background:
In reality, I would have been satisfied if I could have created an
application config file for our client DLL, that is invoked as an add-in to
Excel. Our client group attempted this without success. They ended up
creating a config file (ie. appname.dll.config) that they specifically query
to pick up their application settings. Any non-application settings that are
present are ignored at DLL load time, and would have to be programmtically
set as I have described. The next alternative was to create an
Excel.exe.config file, which is unacceptable.

I have been assuming  that when a setting like timeToleranceInSeconds is
configured in a app.config file, that this setting is specific to that
application only. The same goes for any programmatic setting of the same
property by a client. If this is true, I am not sure where the concern lies.
We are just talking about how the property is set. Now, if it is easier to
compromise/spoof an application program, than it is to compromise/spoof a
config file, then I might see a problem. This would then lead me to believe
that I may have indeed "hacked into" the MaxRequestLengthInBytes property
using reflection.

Finally, even though there is only one of our clients per box, a per-site
config setting would not allow other non-related applications to use other
values.

thanks, Dave

> Hi Dave,
>
[quoted text clipped - 68 lines]
>
> thanks, Dave
Reply to this Message
Dan Rogers - 10 Dec 2004 18:46 GMT
Hi Dave,

Thanks for explaining your thoughts on this.  I think I agree.  In your
case, you are doing something a bit unexpected - making excel take an
in-proc control over managed code.  At some point, this won't be
un-conventional - after such point when Excel has been redone in managed
code, for instance.

I wish I had an easy answer for you.  You probably have discovered that
using reflection may let you do the over-ride on a new instance of the
class - but it doesn't update the one that is being used by the CLR to
manage the application.  So the hacking concerns there aren't as serious.

Do you really need to set this on a per application basis?  Why?  Wouldn't
it be better to handle time-differences (if you need message time-out) at
the application level?

Dan
--------------------
Thread-Topic: Need for programmatic config:timeToleranceInSeconds, MaxReques
thread-index: AcTdSpMp89gsN2HJSM2k0qyloyGq7Q==
X-WBNR-Posting-Host: 204.210.55.215
From: "=?Utf-8?B?ZHJrcmF1cw==?=" <drkraus@nospam.nospam>
References:  <30AB465D-A703-4943-B259-C588C7CAE6BC@microsoft.com>
<EnnNGDM3EHA.3984@cpmsftngxa10.phx.gbl>
Subject: RE: Need for programmatic config:timeToleranceInSeconds, MaxReques
Date: Wed, 8 Dec 2004 09:23:03 -0800
Lines: 109
Message-ID: <1244B818-C97A-4AC0-B436-18A6C51C7AB9@microsoft.com>
MIME-Version: 1.0
Content-Type: text/plain;
    charset="Utf-8"
Content-Transfer-Encoding: 7bit
X-Newsreader: Microsoft CDO for Windows 2000
Content-Class: urn:content-classes:message
Importance: normal
Priority: normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.0
Newsgroups: microsoft.public.dotnet.framework.webservices.enhancements
NNTP-Posting-Host: TK2MSFTNGXA03.phx.gbl 10.40.1.29
Path:
cpmsftngxa10.phx.gbl!TK2MSFTFEED01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGXA0
3.phx.gbl
Xref: cpmsftngxa10.phx.gbl
microsoft.public.dotnet.framework.webservices.enhancements:5086
X-Tomcat-NG: microsoft.public.dotnet.framework.webservices.enhancements

Hi Dan,

Well, it did bother me a bit that I could override a read-only property
using reflection, but only in principle.

A little more background:
In reality, I would have been satisfied if I could have created an
application config file for our client DLL, that is invoked as an add-in to
Excel. Our client group attempted this without success. They ended up
creating a config file (ie. appname.dll.config) that they specifically
query
to pick up their application settings. Any non-application settings that
are
present are ignored at DLL load time, and would have to be programmtically
set as I have described. The next alternative was to create an
Excel.exe.config file, which is unacceptable.

I have been assuming  that when a setting like timeToleranceInSeconds is
configured in a app.config file, that this setting is specific to that
application only. The same goes for any programmatic setting of the same
property by a client. If this is true, I am not sure where the concern
lies.
We are just talking about how the property is set. Now, if it is easier to
compromise/spoof an application program, than it is to compromise/spoof a
config file, then I might see a problem. This would then lead me to believe
that I may have indeed "hacked into" the MaxRequestLengthInBytes property
using reflection.

Finally, even though there is only one of our clients per box, a per-site
config setting would not allow other non-related applications to use other
values.

thanks, Dave

"Dan Rogers" wrote:

> Hi Dave,
>
[quoted text clipped - 36 lines]
> way
> to programmatically alter the read only property MaxRequestLengthInBytes

(Microsoft.Web.Services2.Configuration.WebServicesConfiguration.MessagingCon
> figuration.MaxRequestLengthInBytes)
> using reflection to access a private data member, in order to allow larger
[quoted text clipped - 27 lines]
>
> thanks, Dave
Reply to this Message
drkraus - 13 Dec 2004 18:29 GMT
Dan.

I am not sure I understand your question concerning setting timetolerance at
the application level. I am requesting the ability to set these kinds of
values programmtically, or via an application config file associated with a
DLL. This is the same as setting at the application level, so I don't
understand your distinction.

Also, I used reflection to set the MaxRequestBytesInLength read only
property of the active configuration, not my own instance. It would do me no
good to create a configuration instance myself because I didn't know how to
make it active, in the sense that it actually affected behavior of .NET.

Dave

> Hi Dave,
>
[quoted text clipped - 157 lines]
> >
> > thanks, Dave
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.