Hi all:
I would like to configure client-cert authentication
in Glassfish to authenticate some resources of my web
application.
I have seen that Glassfish provides a certifite realm,
and I guess you need to include all the valid certs
there. Is that right? If that is the case, you need to
have all the client-certs, that probably have been
issued by an external CA.
In my opinion the right approach is assuming that a
certificate is signed by a trusted CA, get data from
certificate DN, and match the data against a database
(file, ldap server...). This approach assumes that
certificates are handled by an external entity,
including certification renovation... So, is it
possible to configure Glassfish to work in this way
(e.g. Tomcat is able to do this)?
Regards,
Evaristo
Reg
______________________________________________
Pregunta, Responde, Descubre.
Comparte tus consejos y opiniones con los usuarios de Yahoo! Respuestas
http://es.answers.yahoo.com/info/welcome