It's not a secret anymore!
The moose likes BEA/Weblogic and the fly likes PIV Card Authentication in Weblogic Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Products » BEA/Weblogic
Bookmark "PIV Card Authentication in Weblogic" Watch "PIV Card Authentication in Weblogic" New topic
Author

PIV Card Authentication in Weblogic

Sean Sell
Greenhorn

Joined: Dec 12, 2006
Posts: 9
Is anyone doing PIV card authentication in weblogic here? I am working on it and finding it hard to believe it requires this much work.

We essentially have it working but it seems very cludgy.

1. We enable 2-way SSL
2. We wrote a custom UserNameMapper class to look in a datbase for a username given a PIV certificate.
3. We use an LDAP Authentication provider to "validate" the returned username and set the groups that the principal(user) has.
4. We create policies in weblogic to map the groups to roles.
5. The application web.xml requires the role and client-cert authentication.

Anyone interested in collaborating on the best way to configure this stuff?

--Sean
 
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link: http://aspose.com
 
subject: PIV Card Authentication in Weblogic
 
jQuery in Action, 3rd edition