On Wednesday, November 27, 2002, at 01:01 PM, Scott M Stark wrote:
> I updated the default CallbackHandler used by the JaasSecurityManager to support ObjectCallbacks
> and changed the SigAuthenticationHandler to use the isValid() method.
Thanks Scott.
> The use of null as the principal indicates this is not really an authentication, so I need to
> understand what the context of the validation is.
Actually, the certificate contains the information about the principal we are authenticating (the CN portion of the Distinguished Name, for instance).
By the time the SigAuthenticationHandler sees the certificate, the SigVerificationHandler has already validated the certificate and the message's signature. At this point we are just trying to decide if the certificate should be trusted.
Maybe it would be better to not assume the certificate has already been validated?
I haven't committed the SigVerificationHandler yet because it requires Apache's XML-Security library to compile, and I am not sure if it is o.k. to just go adding things to thirdparty.
> If you just want to know if the cert should be accepted, why not use the KeyStore
> associated with the security domain to see if the cert is known to the security domain and validate
> the cert as an X509Certificate?
> Explain the context some more, and if there are cert management functions that should be
> part of the SecurityDomain interface I'll look into adding them.
The CertificateLoginModule checks that the certificate exists (and is trusted) in the keystore. If so it creates a SimplePrincipal (using the certificate's alias as the name) that will be returned by the getIdentity() method.
This is admittedly a bit of a hack to map certificates to users in the system. I did this rather than using, say, the CN so that there would be a little bit of control over the user to whom this certificate gets mapped. I could really use any ideas on a better way to accomplish this.
Once the identity has been divined from the certificate, it's a simple matter for getRoleSets() to find the roles this user should assume.
Let me know if my thought process is way off here. If it is, is there a better way to accomplish what I am attempting?
thanks
-jason
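The two approaches discussed in this thread, Jason's alias lookup in the security domain's keystore and Scott's suggestion of validating the cert as an X509Certificate against that keystore, as an added example written for this page; it is not JBoss's CertificateLoginModule, SigAuthenticationHandler or SecurityDomain code. AliasPrincipal stands in for SimplePrincipal, and the keystore file, its password and the user certificate file read in main() are assumed command-line inputs.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.Principal;
import java.security.cert.CertPath;
import java.security.cert.CertPathValidator;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

/** Maps a signature-verified X509Certificate to a principal via the security domain's KeyStore. */
public final class KeystoreCertificateMapper {

    /** Minimal principal; stands in for JBoss's SimplePrincipal (assumption). */
    public static final class AliasPrincipal implements Principal {
        private final String name;
        public AliasPrincipal(String name) { this.name = name; }
        public String getName() { return name; }
        public String toString() { return "AliasPrincipal[" + name + "]"; }
    }

    private final KeyStore trustStore;

    public KeystoreCertificateMapper(KeyStore trustStore) { this.trustStore = trustStore; }

    /**
     * Alias mapping, as the thread's CertificateLoginModule does it: the presented cert must be
     * present byte-for-byte as a trusted-certificate entry, and the entry's alias becomes the
     * user name. A cert that merely carries a familiar CN is rejected, which is the point.
     */
    public Principal mapByAlias(X509Certificate cert) throws Exception {
        cert.checkValidity(); // do not assume the verification handler checked the validity window
        String alias = trustStore.getCertificateAlias(cert); // compares encoded certificates
        if (alias == null || !trustStore.isCertificateEntry(alias)) {
            return null; // unknown to this security domain: not trusted
        }
        return new AliasPrincipal(alias);
    }

    /**
     * Scott's alternative: treat the trusted-certificate entries as trust anchors and run a PKIX
     * validation of the presented chain (leaf first, issuers after), then use the subject DN.
     * Fails with an exception if the chain does not end at a keystore anchor.
     */
    public Principal mapByChainValidation(List<X509Certificate> chain) throws Exception {
        Set<TrustAnchor> anchors = new HashSet<>();
        for (Enumeration<String> e = trustStore.aliases(); e.hasMoreElements();) {
            String alias = e.nextElement();
            if (trustStore.isCertificateEntry(alias)) {
                anchors.add(new TrustAnchor((X509Certificate) trustStore.getCertificate(alias), null));
            }
        }
        PKIXParameters params = new PKIXParameters(anchors); // throws if the set is empty
        params.setRevocationEnabled(false); // no CRL/OCSP source configured in this example (assumption)
        CertPath path = CertificateFactory.getInstance("X.509").generateCertPath(chain);
        CertPathValidator.getInstance("PKIX").validate(path, params); // throws on any failure
        return chain.get(0).getSubjectX500Principal();
    }

    public static void main(String[] args) throws Exception {
        // usage: java KeystoreCertificateMapper <truststore.jks> <password> <user.cer>  (assumed inputs)
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, args[1].toCharArray());
        }
        X509Certificate cert;
        try (InputStream in = new FileInputStream(args[2])) {
            cert = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(in);
        }
        Principal p = new KeystoreCertificateMapper(ks).mapByAlias(cert);
        System.out.println(p == null
                ? "certificate is not trusted by this security domain"
                : "identity: " + p.getName());
    }
}
```

The alias strategy is the right one when the keystore holds the end-entity certificates themselves (self-signed or otherwise), since it gives the operator explicit control over which certificate maps to which user name, as the thread wants; the chain-validation strategy fits when the keystore holds CA certificates and any certificate they issued should be accepted, at which point the subject DN is the only identity available and role mapping has to key off it.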
