You are viewing a plain text version of this content. The canonical link for it is here.

Posted to wss4j-dev@ws.apache.org by Makris <dr...@gmail.com> on 2006/12/24 05:54:56 UTC

Preventing Replay attacks

I've configured my UsernameToken request to use a nonce and Timestamp but
the service does not stop replay attacks when I send the same request
multiple times. Does WSS4J prevent replay attacks or is this something the
user needs to implement ?