Identified by type="MessageFlow", this rule enforces replay detection and freshness requirements to prevent replay attacks.
Attributes
Name | Type | Default | Description |
---|---|---|---|
checkReplay | boolean | true | Enables or disables use of a replay cache to prevent replay attacks. Do not turn off in production. |
expires | time in seconds | 180 | Maximum time permitted between a message's timestamp and when it can be processed. Bounds the size of the replay cache. |
Example
<PolicyRule type="MessageFlow" checkReplay="true" expires="60"/>
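
Why `expires` bounds the replay cache, shown as an added conceptual model (not the software's own code): a message older than `expires` fails the freshness check on its own, so its ID can safely be dropped from the cache. The class, method names, message IDs and timestamps are constructed for illustration, and clock skew is ignored as a simplifying assumption.

```python
import heapq

class MessageFlowModel:
    """Conceptual model of a freshness check backed by a replay cache."""

    def __init__(self, check_replay=True, expires=180):
        self.check_replay = check_replay
        self.expires = expires
        self._seen = {}       # message ID -> time after which the entry can be dropped
        self._by_expiry = []  # min-heap of (drop_time, message ID)

    def _evict(self, now):
        # An entry past its drop time belongs to a message that would now fail
        # the freshness check, so forgetting it cannot let a replay through.
        while self._by_expiry and self._by_expiry[0][0] < now:
            _, msg_id = heapq.heappop(self._by_expiry)
            self._seen.pop(msg_id, None)

    def evaluate(self, msg_id, issue_instant, now):
        """Return 'accept', 'stale' or 'replay' for one inbound message."""
        self._evict(now)
        # Freshness: simplified, with no clock-skew allowance (assumption).
        if issue_instant > now or now - issue_instant > self.expires:
            return "stale"
        if self.check_replay:
            if msg_id in self._seen:
                return "replay"
            drop_time = issue_instant + self.expires
            self._seen[msg_id] = drop_time
            heapq.heappush(self._by_expiry, (drop_time, msg_id))
        return "accept"

    def cache_size(self):
        return len(self._seen)

def demo():
    # checkReplay="true" expires="60", as in the example rule on this page.
    rule = MessageFlowModel(check_replay=True, expires=60)
    results = [
        rule.evaluate("_a1", issue_instant=1000, now=1005),  # first delivery
        rule.evaluate("_a1", issue_instant=1000, now=1030),  # same ID inside the window
        rule.evaluate("_a1", issue_instant=1000, now=1061),  # window passed, entry evicted
        rule.evaluate("_b2", issue_instant=1000, now=1200),  # never seen, but too old
    ]
    return results, rule.cache_size()

if __name__ == "__main__":
    print(demo())
```

With `check_replay=False` the same message ID is accepted every time it arrives inside the freshness window, which is why the attribute should stay enabled in production.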