Previous Topic: Configure a SiteMinder WSS Agent to Enable Fine-Grain Resource IdentificationNext Topic: Configure the SiteMinder WSS Agent to Process Large XML Messages

Web Services Security GuidesCA SiteMinder WSS Agent Guide for IIS Web ServersAdvanced ConfigurationConfigure the Username and Password Digest Token Age Restriction

Configure the Username and Password Digest Token Age Restriction

By default, the WS-Security authentication scheme imposes a 60-minute restriction on the age of Username and Password Digest Tokens to protect against replay attacks.

To configure a different value for the token age restriction for a SiteMinder WSS Agent for Web Servers, add the WS_UT_CREATION_EXPIRATION_MINUTES parameter to the XmlToolkit.properties file for that agent.

Follow these steps:

  1. Navigate to agent_home\java.
  2. Open XmlToolkit.properties in a text editor.
  3. Add the following line: 
    WS_UT_CREATION_EXPIRATION_MINUTES=token_age_limit
    token_age_limit

    Specifies the token age limit restriction in minutes.

  4. Save and close the XmlToolkit.properties file.
  5. Restart the SiteMinder WSS Agent.