File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Web Services and the fly likes Certificate based authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "Certificate based authentication" Watch "Certificate based authentication" New topic

Certificate based authentication

Ramprasad Krishnamurthy

Joined: Dec 26, 2005
Posts: 7
Hi all,

Can some one tell me what is certificate based authentication and how it can be implemented as a service ? Iam trying to build a authentication service.

Ulf Dittmer

Joined: Mar 22, 2005
Posts: 39547
It means that a WS client does not send a username and password, but instead a cryptographic digital certificate to the server (e.g., an X-509 certificate). The WS-Security standard defines how this works for WS.

What would this authentication service do? If a certificate gets sent, all the WS (or rather, its WS-Security implementation layer) needs to do is check whether that user is authorized to access the service.

Ping & DNS - updated with new look and Ping home screen widget
Ramprasad Krishnamurthy

Joined: Dec 26, 2005
Posts: 7
Where can i get more details regarding this ? ie the WS Security standards, a sample of how a cryptographic digital certificate and how to authenticate the user using the certificate ?

Thanks a lot

I agree. Here's the link:
subject: Certificate based authentication
Similar Threads
client server certificate authentication
HTTPS Client Authentication
Question for Christopher Steel and Ramesh Nagappan
servlet security
Auto Login By Username in Cookie