-----Original Message----- From: Jesse I Pollard - CONTRACTOR To: MUSCLE <[EMAIL PROTECTED]> Date: Wed, 6 Oct 2004 11:02:54 -0400 (EDT) Subject: Re: [Muscle] Avoid asking for a username in smart card login
> In many circumstances, it won't work. > Well... I don't claim this should be the standard solution; only that in the application I'm currently working on this would be *very* convenient. This is a "marketing issue" too. If the user must introduce a username and a password for the token (pin), it doesn't *feel* diffent. > 1. User has multiple accounts and will need some way to select which > one to use. If an user has multiple accounts there's a chance he has multiple smart cards too. Anyway, this won't be a problem in my environment. > 2. The certificate (at least in the DoD CAC case) has no username > other than the DN name, which doesn't match anybodys idea of a > login name. > Yes... this is the most delicate problem. I assume that you are aware about how Mario Strasser's module checks the name. In your opinion, what would be the best way to get the user name from the card? I think that if it was configurable everybody could be able to find the scheme that suits more to his application. Thanks, Josep P.S.: I'm writing from an horrible MUA (webmail), sorry if it doesn't thread messages correctly. _______________________________________________ Muscle mailing list [EMAIL PROTECTED] http://lists.drizzle.com/mailman/listinfo/muscle
