You can configure nonce for the server by using the WebSphere® Application Server administrative console.
Nonce is a randomly generated, cryptographic token that is used to prevent replay attacks of user name tokens that are used with SOAP messages. Typically, nonce is used with the user name token.
However, you must consider the order of precedence.
The following list shows the order of precedence:The application level settings for the nonce maximum age and nonce clock skew fields are specified through the additional properties.
In this information ... | IBM Redbooks, demos, education, and more(Index) |