Configuring nonce for the cell level
Nonce is a randomly generated, cryptographic token that is used to prevent the theft of username tokens, which are used with SOAP messages. Nonce is used in conjunction with the basic authentication (BasicAuth) method. You can configure nonce for the cell level by using the WebSphere® Application Server administrative console.
About this task
Important: The information supports Version 5.x applications
only that are used with WebSphere Application Server Version
6.0.x and later. The information does not apply to Version
6 and later applications.
You can configure nonce at the
application level, the server level, and cell level. However, you
must consider the order of precedence:
If you configure nonce on the application level and the server
level, the values specified for the application level take precedence
over the values specified for the server level. Likewise, the values
specified for the application level take precedence over the values
specified for the server level and the cell level. In WebSphere Application Server, Network Deployment, the Nonce
cache timeout, Nonce maximum age,
and Nonce clock skew fields are required to
use nonce effectively. However, these fields are optional on the server
level. Complete the following steps to configure nonce on the cell
level:- Application level
- Server level
- Cell level