X.509 Client Certificate Authentication
I am developing an application that implements client certificate authentication using spring security. I know that in order to enable this type of authentication and extract the username from the certificate this must be present in the spring configuration file:
The problem is that users must be able to authenticate using two different kinds of certificates, and the username is in a different field in both of them (the code below extracts the username from the field CN).
<x509 subject-principal-regex="CN=(.*?)," user-service-ref="userService"/>
So the question is: Is there a way of doing this?
I've thought that maybe modifying in some way the regular expression would do it, but then I read here that the subject-principal-regex should contain a single group, so (although I am not entirely sure of what that exactly means) I think that this may not be the solution.