Nonce is a randomly generated, cryptographic token that is used to prevent the theft of username tokens, which are used with SOAP messages. Nonce is used in conjunction with the basic authentication (BasicAuth) method. You can configure nonce for the server level by using the WebSphere Application Server administrative console.
You can configure nonce at the application level, the server
level, and cell level.
Likewise,
the values specified for the application level take precedence over the values
specified for the server level and the cell level.
In a WebSphere Application Server or WebSphere Application Server Express environment, you must specify values for the Nonce cache timeout, Nonce maximum age, and Nonce clock skew fields on the server level to use nonce effectively.
However, in a WebSphere Application Server Network Deployment
environment, these fields are optional on the server level, but required on
the cell level.
Complete the following steps to configure nonce on the server level:
In this information ...Related concepts
Related tasks
Related reference
| IBM Redbooks, demos, education, and more |