We have an authentication module which performs X509 authentication.
The authentication method does not perform any LDAP lookup. Unregistered
users can access the application. Using the standard identity injection
methods it is possible to put the entire certificate subject in the

We now want to inject other headers with values that are parsed from
the subject. E.g. if the certificate subject is "o=company,u=steven", we
want a company-header with the company and a name-header with value

To do this, we are implementing a Java identity injection module that
should parse the certificate subject and put some parts of it in some
Starting from the examples in the SDK, I see that identity injection
module can only access the username and password using the
ExternalDataFillerContext object. This object has two methods: getUserDn
and getUserPassword. However, in our setup, both return an empty

Based on the documentation, I do not find where I can get the
certificate subject. Is there a way to make the certificate subject
available for identity injection modules?

kind regards,
Steven Gevers

stevengevers's Profile:
View this thread: