Using X509 subject with identity injection
Dear,
We have an authentication module which performs X509 authentication. The authentication method does not perform any LDAP lookup. Unregistered users can access the application. Using the standard identity injection methods it is possible to put the entire certificate subject in the headers.
We now want to inject other headers with values that are parsed from the subject. E.g. if the certificate subject is "o=company,u=steven", we want a company-header with the company and a name-header with value "steven".
To do this, we are implementing a Java identity injection module that should parse the certificate subject and put some parts of it in some headers.
Starting from the examples in the SDK, I see that identity injection module can only access the username and password using the ExternalDataFillerContext object. This object has two methods: getUserDn and getUserPassword. However, in our setup, both return an empty string.
Based on the documentation, I do not find where I can get the certificate subject. Is there a way to make the certificate subject available for identity injection modules?
kind regards,
Steven Gevers
|
Threaded Mode
