This week's giveaway is in the EJB and other Java EE Technologies forum.
We're giving away four copies of EJB 3 in Action and have Debu Panda, Reza Rahman, Ryan Cuprak, and Michael Remijan on-line!
See this thread for details.
The moose likes BEA/Weblogic and the fly likes PIV Card Authentication in Weblogic Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Products » BEA/Weblogic
Bookmark "PIV Card Authentication in Weblogic" Watch "PIV Card Authentication in Weblogic" New topic

PIV Card Authentication in Weblogic

Sean Sell

Joined: Dec 12, 2006
Posts: 9
Is anyone doing PIV card authentication in weblogic here? I am working on it and finding it hard to believe it requires this much work.

We essentially have it working but it seems very cludgy.

1. We enable 2-way SSL
2. We wrote a custom UserNameMapper class to look in a datbase for a username given a PIV certificate.
3. We use an LDAP Authentication provider to "validate" the returned username and set the groups that the principal(user) has.
4. We create policies in weblogic to map the groups to roles.
5. The application web.xml requires the role and client-cert authentication.

Anyone interested in collaborating on the best way to configure this stuff?

It is sorta covered in the JavaRanch Style Guide.
subject: PIV Card Authentication in Weblogic
Similar Threads
LDAP Issues
Custom Authorization in Weblogic 9.1
Custom Authentication/Authorization
Integrate Axis2/Rampart/WSS4J with Weblogic security realm
Smart Cards and Java Web Start ?