File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes JNLP and Web Start and the fly likes Client Authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » JNLP and Web Start
Bookmark "Client Authentication" Watch "Client Authentication" New topic

Client Authentication

Mark Verkade

Joined: Sep 07, 2006
Posts: 1
Hello people,

I have a question that perhaps somebody here can help me with. I've made a WebStart application which is running fine at the moment (we're still testing it). But before we're actually gonna release the application to our users, we'd like to restrict the access to people who have a valid certificate (provided by us) installed on their computer.

Does anyone know how I can let the application check for a valid client certificate?
I know it's possible to open a local file, with FileInputStream pointing to the filename, but I'd like to check if the client certificate is present in the JVM/Browser repository, since that's where the certificates are already installed by our users.

I have been searching for this a lot, but I can't seem too find anything usefull. I don't even know if it's possible, in the first place.

So, any help is appreciated! Thanks!
Jared Cope
Ranch Hand

Joined: Aug 18, 2004
Posts: 243

Originally posted by Mark Verkade:

we'd like to restrict the access to people who have a valid certificate (provided by us) installed on their computer.

Is it a requirement to have a client certificate file for the authentication?

We have the same requirement for application access security, but we have Apache control who gets to access the .jnlp files (normal webserver configuration stuff) and if they supply the correct credentials then they can access the .jnlp and hence start the application.

This process might also work for you. It means that you are always in control of who can access the application (client certificates could be copied around etc).

Just an idea.

Cheers, Jared.
[ September 08, 2006: Message edited by: Jared Cope ]

SCJP 1.4 91%, SCJP 1.5 88%, SCJD B&S
I agree. Here's the link:
subject: Client Authentication
jQuery in Action, 3rd edition