This content has been marked as final.
Show 3 replies
-
1. Re: mapping principals with digital certificates
anil.saldhana Oct 10, 2007 12:07 PM (in response to oconesa)<!-- The JAAS based authentication and authorization realm implementati on that is compatible with the jboss 3.2.x realm implementation. - certificatePrincipal : the class name of the org.jboss.security.auth.certs.CertificatePrincipal impl used for mapping X509[] cert chains to a Princpal. - allRolesMode : how to handle an auth-constraint with a role-name=*, one of strict, authOnly, strictAuthOnly + strict = Use the strict servlet spec interpretation which requires that the user have one of the web-app/security-role/role-name + authOnly = Allow any authenticated user + strictAuthOnly = Allow any authenticated user only if there are no web-app/security-roles --> <Realm className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm" certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping " allRolesMode="authOnly" />
server.xml - Realm
I think you need an implementation of CertificatePrincipal -
2. Re: mapping principals with digital certificates
oconesa Oct 11, 2007 7:39 AM (in response to oconesa)thanks, I supposed that the solution is realted to "CertificatePrincipal" and RealMap. But I am looking for an example how to map a CN or a DN with a login name.
For example:
DN="CN=John Smith, O=IBM, C=US", and I need that "Principal = jsmith".
My really problem is that the DN of my users are really complex. -
3. Re: mapping principals with digital certificates
anil.saldhana Oct 19, 2007 3:48 PM (in response to oconesa)You will need to provide an implementation of the CertificatePrincipal interface.