Distributed nonce caching

The distributed nonce caching feature enables you to distribute the cache for a nonce to different servers in a cluster.

In previous releases of WebSphere Application Server, the nonce was cached locally. To use this feature, complete the following actions:

  • Configure cache replication.

    For more information, see Configuring cache replication.

  • Verify that you created an appropriate domain setting when you form a cluster.

    For more information, see Creating clusters.

  • Verify that replication domain is properly secured. The nonce cache is crucial to the integrity of the nonce validation process. If the nonce cache is compromised, then one cannot trust the result of the validation process.

  • In the administrative console for the cell level, select the Distribute nonce caching option. We can enable the option by completing the following steps:

    1. Click Servers > Application servers > servername.

    2. Under Security, click Web services: Default bindings for Web services security.

    3. Select the Distribute nonce caching option.

  • In the administrative console for the server level, select the Distribute nonce caching option. We can enable the option by completing the following steps:

    1. Click Security > Web services.

    2. Select the Distribute nonce caching option.

  • Restart the servers within your cluster.

When you select the Distribute nonce caching option in the administrative console, the nonce is propagated to other servers in your environment. However, the nonce might be subject to a one-second delay in propagation and subject to any network congestion.

For more information on distributed nonce caching, see Web services security enhancements.


 

See Also


Nonce, a randomly generated token
Web services security enhancements