Username and Password Digest Token Age Restrictions

The WS-Security authentication scheme protects against replay of Username and Password Digest tokens by imposing a "freshness" restriction (60 minutes by default) on the age of the token. That is, if a token was created more than 60 minutes ago according to its <wsu:Created> timestamp, authentication fails.

The token age restriction for Username and Password Digest tokens can be configured at the agent level. For more information, see the SOA Agent Configuration Guide.
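
The freshness check described above, sketched as an added example (this is not the product's code): it rejects a token whose <wsu:Created> is older than a configurable limit, and shows that a rewritten timestamp no longer matches the Password Digest. Assumptions: the names `check_token`, `build_token` and `make_digest` are hypothetical, the digest formula is the one from the OASIS WSS UsernameToken Profile, rejecting future-dated timestamps is this sketch's own choice, and the sample tokens are constructed.

```python
import base64, hashlib, hmac
import xml.etree.ElementTree as ET  # for untrusted input, prefer a hardened parser such as defusedxml
from datetime import datetime, timedelta, timezone

WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
NS = {"wsse": WSSE, "wsu": WSU}

def make_digest(nonce: bytes, created: str, password: str) -> str:
    # WSS UsernameToken Profile: Base64(SHA-1(nonce + created + password))
    raw = nonce + created.encode() + password.encode()
    return base64.b64encode(hashlib.sha1(raw).digest()).decode()

def build_token(user, password, nonce, created):
    # Constructed sample token; Type/EncodingType attributes omitted for brevity.
    return (f'<wsse:UsernameToken xmlns:wsse="{WSSE}" xmlns:wsu="{WSU}">'
            f'<wsse:Username>{user}</wsse:Username>'
            f'<wsse:Password>{make_digest(nonce, created, password)}</wsse:Password>'
            f'<wsse:Nonce>{base64.b64encode(nonce).decode()}</wsse:Nonce>'
            f'<wsu:Created>{created}</wsu:Created></wsse:UsernameToken>')

def check_token(xml_text, password, now, max_age=timedelta(minutes=60)):
    """Return (ok, reason) for a UsernameToken carrying a Password Digest."""
    tok = ET.fromstring(xml_text)
    created = tok.findtext("wsu:Created", namespaces=NS)
    nonce = tok.findtext("wsse:Nonce", namespaces=NS)
    digest = tok.findtext("wsse:Password", namespaces=NS)
    if not (created and nonce and digest):
        return False, "missing Created, Nonce or Password"
    try:
        ts = datetime.strptime(created.strip(), "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    except ValueError:
        return False, "unparseable Created"
    if now - ts > max_age:            # created more than max_age ago: fails
        return False, "token too old"
    if ts > now:                      # assumption: no clock-skew allowance
        return False, "Created is in the future"
    # Created is an input to the digest, so an edited timestamp cannot verify.
    expected = make_digest(base64.b64decode(nonce), created.strip(), password)
    if not hmac.compare_digest(expected, digest.strip()):
        return False, "digest mismatch"
    return True, "ok"

if __name__ == "__main__":
    now = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
    stale = build_token("alice", "s3cret", b"constructed-nonce", "2024-01-01T10:59:59Z")
    print(check_token(stale, "s3cret", now))
    print(check_token(stale.replace("10:59:59Z", "11:59:00Z"), "s3cret", now))
```
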