Announcement Announcement Module
Collapse
No announcement yet.
Certificate + form-based authentication Page Title Module
Move Remove Collapse
This topic is closed
X
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Certificate + form-based authentication

    Hello!

    Is it possible to chain different types of authentication, e.g., only if user has a valid X509 certificate, then the login form is presented (otherwise login process is failed)?

    Thank you!

    Igor

  • #2
    Hi,

    For this scenario, you would probably be best to configure X.509 authentication in your web server and have the additional form handling, user permissions etc performed by Acegi.

    For chaining mechanisms together in general, I'm not aware of anything that does that at the moment, but I guess it would be possible to implement an alternative version of ProviderManager which called each provider in turn and collated the results in some way (e.g. by combining all the granted authorities from each). It could also be configurable in terms of which providers were required, optional etc.

    Luke.

    Comment


    • #3
      Thank you, Luke. I will try it.

      Comment


      • #4
        Actually, it can be needed to ensure that the user name entered into the form is the same as the name in the certificate.

        Comment


        • #5
          Kuzmiigo, do you have answer for your problem? Do you have example?

          Comment


          • #6
            Brass air fittings

            Now that is a lot of brass air fittings http://www.liangdianup.com/subpages/airfitting_1.htm there is just about every type
            of air fitting that you could want. Wholesale prices too. I guess these could be used as small water pipe fitting also. I
            used some of the parts to make my babington wvo burner.

            Comment


            • #7
              lux, I dealt with this problem over three years ago! And now I work at another company. Anyway, as I remember, I ended up with writing a new LoginModule for JBoss, that checked username, password and certificate. The latter was accessible somehow, from the Request, probably.

              Comment

              Working...
              X