[keycloak-user] x509 - serial number as a HEX
Nalyvayko, Peter
pnalyvayko at agi.com
Fri Jun 29 10:31:10 EDT 2018
Hi Karol,
AFAIK, by default x509 authentication in KC uses a decimal representation when mapping the serial number to a user identity. As a temp workaround, you can try augmenting the DN field and then configure the x509 auth to use the regular expression identity extractor to get the value.
My $.02 cents
--Peter
________________________________________
From: keycloak-user-bounces at lists.jboss.org [keycloak-user-bounces at lists.jboss.org] on behalf of Karol Buler [K.Buler at adbglobal.com]
Sent: Friday, June 29, 2018 4:21 AM
To: keycloak-user at lists.jboss.org
Subject: [keycloak-user] x509 - serial number as a HEX
Hi Everybody,
is there any possibility to get Serial Number field from certificate in
x509 authentication flow as a HEX value instead of Integer.
I've set the x509 Direct Grant authentication flow to take Serial Number
as a username, and I've expected that there will be a HEX value, which I
see in certificate, but I've got Integer representation of it in my User
Storage Federation's classes.
Karol
[https://www.adbglobal.com/wp-content/uploads/adb.png]
adbglobal.com<https://www.adbglobal.com>
This message (including any attachments) may contain confidential, proprietary, privileged and/or private information. The information is intended for the use of the individual or entity designated above. If you are not the intended recipient of this message, please notify the sender immediately, and delete the message and any attachments. Any disclosure, reproduction, distribution or other use of this message or any attachments by an individual or entity other than the intended recipient is STRICTLY PROHIBITED.
Please note that ADB protects your privacy. Any personal information we collect from you is used in accordance with our Privacy Policy<https://www.adbglobal.com/privacy-policy/> and in compliance with applicable European data protection law (Regulation (EU) 2016/679, General Data Protection Regulation) and other statutory provisions.
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list