Help coderanch get a
new server
by contributing to the fundraiser
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Spring 3 and X.509 Authentication

 
Ranch Hand
Posts: 47
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm trying to write an web application that takes advantage of X.509 authentication. I want to make sure I am straight on what needs to be done.

First, in my applicationContext.xml file, I need to add the following lines:



On the database, I need to have populated User and Authorities tables. The username in the User table needs to be the CN from the X.509 certificate.

Next, I need a model/value object which implements UserDetails.

Next I need to implement UserDetailsService.

Once all of this is done, the SecurityContext will contain an Authentication object.

I then go back to the applicationContext.xml and set up the authorities by adding this line (and others) to the section:



It just seems a bit too easy, and I'm still scarred from a failed attempt to do this from the ACEGI days.

Jason
 
Author
Posts: 84
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Jason,

I actually devote a whole chapter in the book to X.509 (client certificate) authentication. I would say that the majority of the issues / confusion around X.509 authentication tend to be more around the lifecycle and correct management and installation of certificates, server trust stores, etc. and not so much the configuration of Spring Security 3 itself.

It looks from the below code as though you are on the right track, though!

Best
Peter
 
Oh the stink of it! Smell my tiny ad!
We need your help - Coderanch server fundraiser
https://coderanch.com/t/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic