Hi, Two questions on the X509 access control login type:
1) Why does it require signing the session cookie, rather than simply taking the client cert from the SSL session? 2) How are the roles mapped from the certificates? In my test set up it seems that any "User" can effectively log in to the RA component and sign CSRs! Kind regards, David -- Dr David O'Callaghan Research Fellow - Grid-Ireland - e-INIS - Computer Architecture & Grid School of Computer Science & Statistics, Trinity College, Dublin 2, Ireland Telephone: +353 1 896 1720 ------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensign option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects _______________________________________________ Openca-Users mailing list Openca-Users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openca-users
