SSL client authentication

**kajism** · Aug 23rd, 2004, 05:43 AM

Ben,

Is there some built-in support for SSL client authentication in Acegi? In my scenario there should be both users without client certificate which need to provide username/password and users with client certificate - they should be "logged in automaticaly".

I'll appreciate any advice or direction which way to go.

Thanks,
Karel

PS: I'm happy to see the SF CVS is running again.

**Ben Alex** · Aug 23rd, 2004, 05:41 PM

Acegi Security does not presently support SSL client certificate authentication.

Approaching this with a suitable filter would work, as the Acegi Security interfaces allow you to delegate the processing to an AuthenticationManager etc.

Your alternative is to use a container adapter and client certificates via web.xml. That way the container takes care of certificate presentation and processing (authentication), with Acegi Security only handling authorization.

Thread: SSL client authentication

Thread Tools

Display

SSL client authentication

Similar Threads

Sharing authentication between webapp & rich client

Problem: SecureContextImpl reused in subsequent session

Loosing my SecureContext

JaxRpc client side authentication.

Method call why not be intercepted by MethodSecurityIntercep

Posting Permissions