Here is an example of using servlet + client cert:
https://github.com/undertow-io/undertow/commit/e8473ec35c420b782e072723d1...
Basically the IdentityManager implementation is responsible for
retrieving the roles for a given user.
Stuart
On Sat, Dec 10, 2016 at 8:17 PM, Dieter Bogdoll <dieter(a)bogdoll.net> wrote:
Hello Mailinglist,
I would like to use undertow for creating REST APIs.
I also would like to use HTTPS for communcation between client and server.
The user should authenticate itself with a client certificate. On the
server should be a component which takes the client certificate and
uses some other service (properties file, database, ...) to which roles
the user has (and therefor if and what parts of the REST API he can use).
I think I know how to listen only to HTTPS, but I'm not sure how to extract
the relevant bits from the client certificate and how to set the
groups/roles.
The solution should be compatible with the Servlet API. Is there some
example
code which I could look up, or some tutorial describing what I required?
Best regards,
Dieter
_______________________________________________
undertow-dev mailing list
undertow-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/undertow-dev