You'll need to use Java. -----Original Message----- From: Joel Nath [mailto:[EMAIL PROTECTED] Sent: Wednesday, 23 February 2005 1:56 To: CF-Talk Subject: X.509 Certificates and Coldfusion
Hi, I have a slight problem...for one of our intranet project... our customer has suggested changing the authentication methodology to use X.509 Certificates in an SSO solution. The way this system works is: 1. the airline uses the vendors Public key of their X.509 Certificates to encrypt a message (usually contains user info). 2. the airline signs the encrypted message with the Private key of their X.509 Security Certificate. 3. The signed encrypted message is sent to the vendor through a HTTPS POST method. 4. The Vendor uses the airline public key of X.509 certificate to verify the signature. 5. The Vendor uses their Private Key to decrypt the message. 6. The Vendor parses the message to authenticate the user. 7. The user is logged in to the vendors system. I have no idea.... how to go about this... can anyone help.. cheers Joel ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Find out how CFTicket can increase your company's customer support efficiency by 100% http://www.houseoffusion.com/banners/view.cfm?bannerid=49 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:196048 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
