Layer7 API Management

Hi All, 

I am new to the Protect against Message Replay assertion. 

Currently it is set to the Default mode.

When I test a sample policy that contains this assertion, I get Not applicable in this context message when run using the debug mode.

Can you please suggest how to test a sample proxy using this assertion and sample test cases?

Regards,

Pramod Talekar

Good afternoon Pramod,

The Protect Against Message Replay is designed to work against WS-Security based tokens included in the payload and will validate if an ID in the token has already been used including validation of the time stamp. Protect Against Message Replay Assertion (Threat Protection) - CA API Gateway - 9.3 - CA Technologies Documentation 

You can use a product like SOAPUI to create a WS-Security token and attempt to send through the same payload twice by viewing the raw and copying it into another request. 

Sincerely,

Stephen Hughes

Broadcom Support

Good Afternoon Stephen, 

Thanks so much for your reply.

I will test it.

Regards,

Pramod Talekar