+

Search Tips   |   Advanced Search

Default bindings and security runtime properties

Specify the configuration on the cell level in a WebSphere Application Server, Network Deployment environment. In addition, use this page to define the default generator bindings, default consumer bindings, and additional properties such as key locators, the collection certificate store, trust anchors, trusted ID evaluators, algorithm mappings, and login mappings.

Displayed options and the panel title depend on the server configuration and version.

To view this administrative console page for the cell level, Click Security > security runtime.

To view this administrative console page for the server level, complete the following steps:

  1. Click Servers > Server Types > WebSphere application servers > server.

  2. Under Security, click security runtime.

    Mixed-version environment: In a mixed node cell with a server using WAS version 6.1 or earlier, click Web services: Default bindings for Web Services Security.mixv

Nonce is a unique cryptographic number embedded in a message to help stop repeated, unauthorized attacks of user name tokens. In a WAS ND environment, specify values for the Nonce cache timeout, the Nonce maximum age, and the Nonce clock skew fields for the cell level.

The default binding configuration provides a central location where reusable binding information is defined. The application binding file can reference the information in the default binding configuration.


Nonce cache timeout

Timeout value, in seconds, for the nonce value that is cached on the server. Nonce is a randomly generated value.

The Nonce cache timeout field is required for the cell level.

The maximum value for the Nonce maximum age field cannot exceed the number of seconds specified for this Nonce cache timeout field. If we make changes to the field value, we must restart WAS for the changes to take effect.

Information Value
Default 600 seconds
Minimum 300 seconds


Nonce maximum age

Time, in seconds, before the nonce time stamp expires. Nonce is a randomly generated value.

The value specified in this cell-level field is the maximum value that we can specify for the Nonce maximum age field for the server level.

The Nonce maximum age field is required for the cell level.

Information Value
Default 300 seconds
Range 300 to the Nonce cache timeout value in seconds


Nonce clock skew

Clock skew value, in seconds, to consider when WAS checks the timeliness of the message. Nonce is a randomly generated value.

The Nonce clock skew field is required for the cell level.

Information Value
Default 0 seconds
Range 0 to the Nonce maximum age value, in seconds


Custom properties

The linked Properties panel specifies additional properties for the security runtime configuration.

  • Configure token generators using JAX-RPC to protect message authenticity at the server or cell level
  • Signing information collection
  • Encryption information collection
  • Key information collection
  • Token generator collection
  • Key locator collection
  • Collection certificate store collection
  • Trust anchor collection
  • Trusted ID evaluator collection
  • Algorithm mapping collection