Is anyone doing PIV card authentication in weblogic here? I am working on it and finding it hard to believe it requires this much work.
We essentially have it working but it seems very cludgy.
1. We enable 2-way SSL
2. We wrote a custom UserNameMapper class to look in a datbase for a username given a PIV certificate.
3. We use an LDAP Authentication provider to "validate" the returned username and set the groups that the principal(user) has.
4. We create policies in weblogic to map the groups to roles.
5. The application web.xml requires the role and client-cert authentication.
Anyone interested in collaborating on the best way to configure this stuff?