You are keeping a lot of stuff implicit... like the version of the software... timeouts could also be coming from tokens... what is the error message you get back.
Hi, Dave. Sorry. You are right. My question did not provide details. In the long run, I'll be running code against both Tridion Docs and KC 2016, but for now the issue occurs with KC 2016. The problem appears to be not with the total token lifespan (usually 10 hours?), but the timeout if a specific binding is not used in given length of time after being created. I have a services class that I instantiate and then use for a while. If, for example, I set up a pub output binding and a baseline binding and then use the pub output binding for a while (longer than 10 minutes), and then use the baseline binding, I get an error. The solution, it seems, is to only create bindings if they are going to be used in a given timeframe though I'm not sure what that timeframe should be. I believe the default is 10 minutes for WCF, but not sure if KC or TD configures it differently. Here is the error:
System.ServiceModel.Security.MessageSecurityException: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail. ---> System.ServiceModel.FaultException: At least one security token in the message could not be validated.
Hi, Dave. Sorry. You are right. My question did not provide details. In the long run, I'll be running code against both Tridion Docs and KC 2016, but for now the issue occurs with KC 2016. The problem appears to be not with the total token lifespan (usually 10 hours?), but the timeout if a specific binding is not used in given length of time after being created. I have a services class that I instantiate and then use for a while. If, for example, I set up a pub output binding and a baseline binding and then use the pub output binding for a while (longer than 10 minutes), and then use the baseline binding, I get an error. The solution, it seems, is to only create bindings if they are going to be used in a given timeframe though I'm not sure what that timeframe should be. I believe the default is 10 minutes for WCF, but not sure if KC or TD configures it differently. Here is the error:
System.ServiceModel.Security.MessageSecurityException: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail. ---> System.ServiceModel.FaultException: At least one security token in the message could not be validated.
Thanks Mark - I assume that the customer(s) in question don't have issues with their Client Tools (like Publication Manager) or with integrations like Translation Organizer which are all WCF-SOAP/WS-Trust based. So I'm afraid you'll have to dig a little bit deeper on your client-side.
The error doesn't ring a bell, worst case you can add retry/reinitialize code. Something I remember doing several years ago on github.com/.../
Thanks, Dave. I've had no customers with pub mgr issues. One customer did see the same error message around translation a few years back, but that issue was resolved. (I'm not sure how or the precise details.) Anyway, I've resolved the issue in my application by just being more careful about where/when I create bindings and not leaving them hanging idle for extended periods of time. I think that's probably a best practice, anyway. I've also improved other areas of my apps (e.g., database integrations) so they are not causing holdups, as well. In short, I've made everything more efficient and the binding timeouts have gone away. All good.
Translate
