Release Notes › SOA Security Manager Release Notes › Defects Fixed in SOA Security Manager Releases › Defects Fixed in r12.1 SP3 › WS-Security SAML 1.1 Holder of Key Assertion Not Accepted More Than Once (97266)

WS-Security SAML 1.1 Holder of Key Assertion Not Accepted More Than Once (97266)

SOA Security Manager does not accept a WS-Security SAML 1.1 holder of key assertion token more than once; SAML 1.1 holder of key tokens cannot therefore be used in use cases where replay is required.

Workaround

SAML 2.0 holder of key tokens work as expected and can be used in to implement use cases in which replay is required.