3 Replies Latest reply on Sep 6, 2011 4:23 PM by Gunnar Hilling

    Alternative Verifiers instead of AnyCertVerifier

    Frederick Thurber Newbie

      Are there any other Certificate Verifers for BaseCertLoginModule besides the AnyCertVerifier?

      AnyCertVerifier is the only one I saw in the source code, but it is too permissive. It does not even check the expiration date.

      If no verifier is specified, BaseCertLoginModule does the verification, but it imposes an odious requirement for the alias name (it has to be the DN or CN from the certificate).