Why and when to perform this task
A nonce is a randomly generated cryptographic token used to thwart the hijacking of username tokens used with Simple Object Access Protocol (SOAP) messages. Nonce is used in conjunction with the BasicAuth authentication method.
This task provides instructions on how to configure nonce for the application level using the WebSphere Application Server administrative console.
You can configure nonce at the application level and cell level.
If you configure nonce on the application level and the server level, the values specified for the application level take precedence over the values specified for the server level.
Steps for this task
The value specified for the Nonce Maximum Age field indicates how long the nonce is valid. You must specify a minimum of 300 seconds, but the value cannot exceed the number of seconds specified for the Nonce Cache Timeout field for either the server level
Nonce is not supported for authentication methods other than BasicAuth.
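The following sketch is an added example, not IBM code and not how WebSphere Application Server implements the check. It shows why the Nonce Maximum Age value must not exceed the Nonce Cache Timeout value: if a nonce is evicted from the cache while its token is still within the maximum age, a replayed token is accepted. The names `effective_max_age`, `NonceCache` and `replay_outcome` are hypothetical, and the nonce value is a constructed sample.

```python
import time

MIN_NONCE_MAX_AGE = 300  # seconds; minimum stated on this page for Nonce Maximum Age


def effective_max_age(app_max_age, server_max_age, cache_timeout):
    """Application-level value takes precedence over the server-level value."""
    max_age = app_max_age if app_max_age is not None else server_max_age
    if max_age < MIN_NONCE_MAX_AGE:
        raise ValueError("Nonce Maximum Age must be at least 300 seconds")
    if max_age > cache_timeout:
        raise ValueError("Nonce Maximum Age cannot exceed Nonce Cache Timeout")
    return max_age


class NonceCache:
    """Hypothetical receiver-side replay check for username tokens."""

    def __init__(self, max_age, cache_timeout, clock=time.time):
        self.max_age, self.cache_timeout, self.clock = max_age, cache_timeout, clock
        self.seen = {}  # nonce -> time it was first accepted

    def accept(self, nonce, created):
        now = self.clock()
        # Evict nonces that have been cached for the cache timeout or longer.
        self.seen = {n: t for n, t in self.seen.items() if now - t < self.cache_timeout}
        if now - created > self.max_age:
            return "rejected: expired"
        if nonce in self.seen:
            return "rejected: replay"
        self.seen[nonce] = now
        return "accepted"


def replay_outcome(max_age, cache_timeout, delay):
    """Send a token at t=1000, then replay the same token `delay` seconds later."""
    now = [1000.0]
    cache = NonceCache(max_age, cache_timeout, clock=lambda: now[0])
    first = cache.accept("bm9uY2U=", created=1000.0)  # constructed sample nonce
    now[0] += delay
    return first, cache.accept("bm9uY2U=", created=1000.0)
```

The third argument combination in the misconfigured case (maximum age 600, cache timeout 300) is exactly what `effective_max_age` refuses to return.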
Related concepts
Nonce, a randomly generated token
Username token element
Related tasks
Configuring nonce for the server level