On 08/25/2014 08:01 AM, Stephane Schitter wrote: > I was going to add an entry in the JIRA for djigzo but I thought I would > run it past here first to collect feedback if it could be a useful > enhancement for others as well: > > Give the ability to authenticate administrators based on client > certificates, if present. We already have a certificate store so why not > use it as well to allow admins to identify themselves for critical > roles. > > I am not sure a similar functionality would be relevant at all for the > portal, since I believe only end-users with PDF encryption would end up > there, and if they do it means they do not have a certificate in the > first place.
You should be able to configure client certificate authentication but I have not tested this. This will however not use the CipherMail certificate store since authentication with client side certificates is done with Tomcat. I also think that it's better to have a separate store for authentication and for certificates used for S/MIME. Client side certificate authentication is in principle supported by Spring security. I have however not tested this. For more information see: http://docs.spring.io/spring-security/site/docs/2.0.x/reference/html/x509.html > Also, and that is a separate topic, is there any plan that end-users > would be able to connect to the admin interface (restricted view > obviously) to be able to manage their own certificates? Instead of providing this functionality by allowing end user to log into the admin, it's better to add this functionality to the portal. Kind regards, Martijn -- CipherMail email encryption Open source email encryption gateway with support for S/MIME, OpenPGP and PDF messaging. http://www.ciphermail.com Twitter: http://twitter.com/CipherMail _______________________________________________ Users mailing list [email protected] https://lists.djigzo.com/lists/listinfo/users
