• Type: Suggestion
• Resolution: Won't Fix
• Fix Version/s: None
• Component/s: Authentication / Security, Backend / Domain Model , Plugins
• Labels:

  • cl

[CWD-1592] x509 client certificate Authentication and Authorization support

Collapse comment: Paul M. Goorskis added a comment - 09/Dec/2012 4:06 PM

Paul M. Goorskis added a comment - 09/Dec/2012 4:06 PM

@Rupert: can you please share plugin's name/vendor? Thanks!

Expand comment: Paul M. Goorskis added a comment - 09/Dec/2012 4:06 PM

Paul M. Goorskis added a comment - 09/Dec/2012 4:06 PM @Rupert: can you please share plugin's name/vendor? Thanks!

Collapse comment: rupert THURNER added a comment - 05/Jan/2012 1:50 PM

rupert THURNER added a comment - 05/Jan/2012 1:50 PM

we have a jira plugin doing this now.

Expand comment: rupert THURNER added a comment - 05/Jan/2012 1:50 PM

rupert THURNER added a comment - 05/Jan/2012 1:50 PM we have a jira plugin doing this now.

Collapse comment: shihab added a comment - 08/Sep/2011 7:50 AM

shihab added a comment - 08/Sep/2011 7:50 AM

Unfortunately this is not something we're looking to implement in the near future.

Expand comment: shihab added a comment - 08/Sep/2011 7:50 AM

shihab added a comment - 08/Sep/2011 7:50 AM Unfortunately this is not something we're looking to implement in the near future.

Collapse comment: Robert Bennek added a comment - 22/Nov/2010 10:27 AM

Robert Bennek added a comment - 22/Nov/2010 10:27 AM

Any updates so far?

Expand comment: Robert Bennek added a comment - 22/Nov/2010 10:27 AM

Robert Bennek added a comment - 22/Nov/2010 10:27 AM Any updates so far?

Collapse comment: rupert THURNER added a comment - 04/Jan/2010 10:24 AM

rupert THURNER added a comment - 04/Jan/2010 10:24 AM

there is two aspects of smart card based login:

1. take the username out of the certificate or the webcontainer where the application is deployed (j2ee standard "principal"). this needs to be done by every application itself, otherwise it would be considered as security risk for logging in.
2. store user information (like email), permissions, roles, ... which might be partially retrieved or calculated from information in the certificate as well. crowd would be perfect to hold / synchronzie such information.

Expand comment: rupert THURNER added a comment - 04/Jan/2010 10:24 AM

rupert THURNER added a comment - 04/Jan/2010 10:24 AM there is two aspects of smart card based login: take the username out of the certificate or the webcontainer where the application is deployed (j2ee standard "principal"). this needs to be done by every application itself, otherwise it would be considered as security risk for logging in. store user information (like email), permissions, roles, ... which might be partially retrieved or calculated from information in the certificate as well. crowd would be perfect to hold / synchronzie such information.

Collapse comment: Sam Johnston added a comment - 02/Nov/2009 4:10 PM

Sam Johnston added a comment - 02/Nov/2009 4:10 PM

I have just been asked for this feature by a large European enterprise user currently considering deploying Crowd. Contact me for more information if necessary.

Sam

Expand comment: Sam Johnston added a comment - 02/Nov/2009 4:10 PM

Sam Johnston added a comment - 02/Nov/2009 4:10 PM I have just been asked for this feature by a large European enterprise user currently considering deploying Crowd. Contact me for more information if necessary. Sam