You'll have to describe the usecase better. Why can't the principal name be taken from the cert subject distinguished name? Why not incorporate the cert into the credential rather than the principal?
xxxxxxxxxxxxxxxxxxxxxxxx Scott Stark Chief Technology Officer JBoss Group, LLC xxxxxxxxxxxxxxxxxxxxxxxx ----- Original Message ----- From: "Dawes, Phil" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Friday, September 20, 2002 4:39 AM Subject: [JBoss-dev] isValid() not a good fit for certs > Hi all, > > The AuthenticationManager.isValid(principal,credential) isn't a good fit for > certificates AFAICS, because you don't know the principal name before you've > authenticated the credential. > > I am extending the jetty and tomcat bindings to support certificate > authentication to a JAAS loginmodule, and am having to create a dummy > principal to hack round this. > > This works, but getting the principal name out of the httprequest object > returns a dummy name (I'm using cert serial and issuer). > > I was wondering: > > 1) Is there a better way of doing this? > (e.g. should I be using JAAS directly rather than the jboss security > interfaces) > > 2) Is the AuthenticationManager interface going to change in the near future > to accomodate certs etc..? > > Cheers, > > Phil ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Jboss-development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
