Hi, I have a slight problem...for one of our intranet project...
our customer has suggested changing the authentication methodology to use X.509 Certificates in an SSO solution. The way this system works is: 1. the airline uses the vendors Public key of their X.509 Certificates to encrypt a message (usually contains user info). 2. the airline signs the encrypted message with the Private key of their X.509 Security Certificate. 3. The signed encrypted message is sent to the vendor through a HTTPS POST method. 4. The Vendor uses the airline public key of X.509 certificate to verify the signature. 5. The Vendor uses their Private Key to decrypt the message. 6. The Vendor parses the message to authenticate the user. 7. The user is logged in to the vendors system. I have no idea.... how to go about this... can anyone help.. cheers Joel ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:196047 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
