[Release 5.1 and later]Nonce cell-level properties

Use this page to specify the nonce configuration on the cell level in a WebSphere Application Server Network Deployment environment.

To view this administrative console page, click Security > Web Services > Properties.

Define the server-side nonce configuration by clicking Servers > Application Servers > server_name. Under Additional Properties, click Web Services: Default bindings for Web Services Security.

[Release 5.1 and later]Nonce is a unique cryptographic number embedded in a message to help stop repeat, unauthorized attacks of user name tokens. In a WebSphere Application Server Network Deployment environment, you must specify values for the Nonce Cache Timeout, the Nonce Maximum Age, and the Nonce Clock Skew fields for the cell level.

Nonce Cache Timeout
Specifies the timeout value, in seconds, for the nonce cached on the server. Nonce is a randomly generated value.

This field is required for the cell level is required in the WebSphere Application Server Network Deployment environment.

If you make changes to the Nonce Cache Timeout value, you must restart WebSphere Application Server for the changes to take effect.

Default 600 seconds
Minimum 300 seconds
Nonce Maximum Age
Specifies the time, in seconds, before the nonce time stamp expires. Nonce is a randomly generated value.

The value specified in this cell-level field is the maximum value that you can specify for the Nonce Maximum Age field for the server level. You can specify the Nonce Maximum Age value for the server level by clicking Servers > Application Servers > server_name. Under Additional Properties, click Web Services: Default bindings for Web Services Security.

The Nonce Maximum Age field is required for the cell level in the WebSphere Application Server Network Deployment environment.

Default 300 seconds
Range 300 to the Nonce Cache Timeout value in seconds
Nonce Clock Skew
Specifies the clock skew value, in seconds, to consider when WebSphere Application Server checks the timeliness of the message. Nonce is a randomly generated value.

The Nonce Clock Skew field is required for the cell level in the WebSphere Application Server Network Deployment environment.

Default 0 seconds
Range 0 to the Nonce Maximum Age value in seconds

Related information

Web services: default bindings for the Web services security collection
Login mapping configuration settings