0 Replies Latest reply on Dec 1, 2005 5:29 PM by Igor Kuzmitshov

    Certificate + form-based authentication

    Igor Kuzmitshov Newbie


      After searching for a while I could not figure out how to implement the following scenario:

      1. User is authenticated by his certificate, AND
      2. User is authenticated by using the login form.

      It doesn't work if I chain BaseCertLoginModule and DatabaseServerLoginModule: if I specify CLIENT-CERT as the auth-method in web.xml, then login form is not shown and authentication fails (no place to take name and password from). If I specify FORM as the auth-method, then authentication fails as the certificate is not provided for the BaseCertLoginModule.

      Is it possible to check the certificate and show the login form (later I would like to check if username from the form is the same as the name from the certificate)?

      Thank you,