Installation GuidesSOA Agent for Web Servers GuideConfigure the SOA Agent for Web Servers › Configure the Username and Password Digest Token Age Restriction

Previous Topic: Configure SOA Agent for Web Servers to Enable Fine-Grain Resource Identification

Next Topic: XML Message Processing Logging

Configure the Username and Password Digest Token Age Restriction

By default, the WS-Security authentication scheme imposes a 60-minute restriction on the age of Username and Password Digest Tokens to protect against replay attacks.

To configure a different value for the token age restriction for a SOA Agent for Web Servers, add the WS_UT_CREATION_EXPIRATION_MINUTES parameter to the XmlToolkit.properties file for that agent.

To configure a SOA Agent to use a nondefault age restriction for Username and Password Digest token authentication

  1. Navigate to SOA_Agent_Install\java.
  2. Open XmlToolkit.properties in a text editor.
  3. Add the following line: 
    WS_UT_CREATION_EXPIRATION_MINUTES=token_age_limit
    token_age_limit

    Specifies the token age limit restriction in minutes.

  4. Save and close the XmlToolkit.properties file.
  5. Restart the SOA Agent.