Configuring nonce using Web services security tokens

Nonce is a randomly generated, cryptographic token that is used to thwart the highjacking of user name tokens, which are used with SOAP messages. Use nonce in conjunction with the BasicAuth authentication method.

About this task

Important: The information in this article supports Version 5.x applications only that are used with WebSphere® Application Server Version 6.0.x and later. The information does not apply to Version 6.0.x and later applications.

You can configure nonce at the application level and server level.

If you configure nonce on the application level and the server level, the values specified for the application level take precedence over the values specified for the server level.

You must consider the order of precedence:
  1. Application level
  2. Server level

Complete these high-level tasks in the order listed:

Procedure

  1. Configure nonce for the application level.
  2. Configure nonce for the server level.

What to do next

After completing these steps, restart the server if it has not already been restarted.



In this information ...


IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic    

Terms of Use | Feedback

Last updated: Oct 20, 2010 11:50:58 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=compass&product=was-base-iseries&topic=twbs_confwssnonce
File name: twbs_confwssnonce.html