Granny's Programming Pearls
"inside of every large program is a small program struggling to get out"
JavaRanch.com/granny.jsp
The moose likes BEA/Weblogic and the fly likes PIV Card Authentication in Weblogic Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login


Win a copy of The Mikado Method this week in the Agile and other Processes forum!
JavaRanch » Java Forums » Products » BEA/Weblogic
Reply Bookmark "PIV Card Authentication in Weblogic" Watch "PIV Card Authentication in Weblogic" New topic
Author

PIV Card Authentication in Weblogic

Sean Sell
Greenhorn

Joined: Dec 12, 2006
Posts: 8
posted private message
0
Quote
Is anyone doing PIV card authentication in weblogic here? I am working on it and finding it hard to believe it requires this much work.

We essentially have it working but it seems very cludgy.

1. We enable 2-way SSL
2. We wrote a custom UserNameMapper class to look in a datbase for a username given a PIV certificate.
3. We use an LDAP Authentication provider to "validate" the returned username and set the groups that the principal(user) has.
4. We create policies in weblogic to map the groups to roles.
5. The application web.xml requires the role and client-cert authentication.

Anyone interested in collaborating on the best way to configure this stuff?

--Sean
 
I agree. Here's the link: http://zeroturnaround.com/jrebel - it saves me about five hours per week
 
subject: PIV Card Authentication in Weblogic
 
Similar Threads
Custom Authorization in Weblogic 9.1
Custom Authentication/Authorization
LDAP Issues
Integrate Axis2/Rampart/WSS4J with Weblogic security realm
Smart Cards and Java Web Start ?