Running Business Processes and Composite Applications 10.4 | Running Business Processes and Composite Applications | webMethods Integration Server Administrator’s Guide | Configuring Endpoint Aliases for Web Services | Timestamps in the WS-Security Header
 
Timestamps in the WS-Security Header
The WS-Security header can contain Timestamp elements and tokens. Integration Server uses the timestamp to specify or detect whether an outbound or inbound message expires, specifically:
*For outbound messages, if the WS-Security policy attached to the web service descriptor includes the <sp:IncludeTimestamp/> assertion, Integration Server adds a Timestamp element, which includes the creation and expiry time, to the security header.
*For inbound messages, if the message has a Timestamp token, based on the Timestamp token, Integration Server verifies that the message has not arrived after the expiration time.
In the web service endpoint alias, you can specify the precision of the message timestamp, the message time to live, and whether to account for any difference in the clocks on the sending and receiving machines.

Copyright © 2019 | Software AG, Darmstadt, Germany and/or Software AG USA, Inc., Reston, VA, USA, and/or its subsidiaries and/or its affiliates and/or their licensors.
Innovation Release