[CWD-542] Validate a requesting application client based on client SSL certificates - Create and track feature requests for Atlassian products.

XML

Word

Printable

Details

Type: Suggestion
Status: Gathering Interest (View Workflow)
Resolution: Unresolved
Fix Version/s: None
Component/s: Authentication / Security
Labels:
- enterprise

Feedback Policy:

Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

Description

Currently Crowd offer a (limited) form of application client validation based on the ip address of the application client.
Using the ip address of a client to validate its authenticity is not fail safe. Wouldn't it be a lot better to provide other ways of determining the application client? For example using client side SSL certificates?

Attachments

Issue Links

is related to

CWD-677 Support for two-factor authentication in Crowd.

Under Consideration

mentioned in: Wiki Page Loading...

Activity

People

Assignee:: Unassigned

Reporter:: Arjan Schaaf

Votes:: 11 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 21/Sep/2007 10:36 AM

Updated:: 20/Aug/2019 1:06 AM