On Fri, Mar 13, 2015 at 8:40 PM, Marc Boorshtein <[email protected]> wrote:
> >>>>> Well thats untrue. The certificate can be used for user mapping, >>>>> authorization, etc. This is VERY common in the HTTP world. In a servlet >>>>> you can get the certificate, DN, etc from the request object. >>>>> >>>>> not the case in LDAP, AFAIK >>>> >>> >>> OK well if it wasn't the case I wouldn't have folks asking for it :-) >>> >> never heard of such requirement before, curious about the usecase though >> >>> >>> > Don't have 100% of the use case either. Someone's looking for MyVD to > give them the client certificate in an insert (our equivalent of an > interceptor) so they can do authorizations. For service accounts its very > elegant if you think about it as it eliminates the need for passwords > (assuming thats what its for). > sounds quite heavy, cause the CRL needs to be maintained/verified on the LDAP server thanks for sharing. -- Kiran Ayyagari http://keydap.com
