I think you may get this with chaining JAAS login modules in login context configuration, however we don't ship certificate login module yet.
Which certificate login module do you use now? Lukasz Wiadomość napisana przez Achim Nierbeck <[email protected]> w dniu 20 lut 2013, o godz. 11:20: > Hi Lars, > > I'm sure it's possible. Do you have a working "simple" Application that > already works on a std. jetty? > If so, try to port those things needed to karaf. > Karaf supports JAAS so if you are able to get your JAAS configuration working > I'm sure it's a easy move over. > > To my understanding the user attached to the certificate needs to be know in > the jaas part. > Since the authentication is done via certificate the JAAS part is only needed > for the authorization. > > Regards, Achim > > > 2013/2/19 helander <[email protected]> > Hi, > I am connecting to a web application in Karaf using https and a client > certificate and it works fine. > Now I want to associate the authenticated client with a set of roles defined > in a JAAS login module, e.g. in user.properties or via LDAP. Is this > possible? How to set it up? What "user" name could be used, e.g. what part > of the client certificate would the user identity be selected from? > > Any help is highly appreciated. > > Thanks > > Lars > > > > -- > View this message in context: > http://karaf.922171.n3.nabble.com/Https-2-way-authentication-and-JAAS-tp4027804.html > Sent from the Karaf - User mailing list archive at Nabble.com. > > > > -- > > Apache Karaf <http://karaf.apache.org/> Committer & PMC > OPS4J Pax Web <http://wiki.ops4j.org/display/paxweb/Pax+Web/> Committer & > Project Lead > OPS4J Pax for Vaadin <http://team.ops4j.org/wiki/display/PAXVAADIN/Home> > Commiter & Project Lead > blog <http://notizblog.nierbeck.de/>
