Spring-Security with X509?
Posted
by jschoen
on Stack Overflow
See other posts from Stack Overflow
or by jschoen
Published on 2010-06-08T01:34:07Z
Indexed on
2010/06/08
1:42 UTC
Read the original article
Hit count: 581
I am new to spring-security in general and am a bit confused.
The project I am trying to integrate this with uses X509 certificates to identify users for signing in to the application. There are no usernames or passwords. We validate the certificates are good, and that they have been given access to our app.
The question is how do I integrate spring in to this to get their roles using the X509 certificates?
I have seen this:
<http>
...
<x509 subject-principal-regex="CN=(.*?)," user-service-ref="userService"/>
...
</http>
But I don't understand how this works. Will it still require something for a password? Or is the subject all it needs?
© Stack Overflow or respective owner