x509 « Security « Spring Q&A





1. How to get the certificate into the X509 filter (Spring Security)?    stackoverflow.com

I need to extract more information than just the CN of the certificate. Currently, I only get the standard UserDetails loadUserByUsername(String arg) where arg is the CN of the certificate. I ...

2. Spring-Security with X509?    stackoverflow.com

I am new to spring-security in general and am a bit confused. The project I am trying to integrate this with uses X509 certificates to identify users for signing in to ...

3. x509 authentication with spring security 2.0.4    stackoverflow.com

i am new to spring security. can anybody provide me sample application for x509 certificate authentication with spring 2.0.4

4. Spring Security x509 successful authentication    stackoverflow.com

Is there a way to set a default-target when using x509? For example if I was using regular form auth I would have something like:

<security:form-login login-page="/login" always-use-default-target="true" authentication-failure-url="/login?error=1" default-target-url="/summarylogin"/>
Below are my ...

5. Spring X509 Authentication Between Two Servers    stackoverflow.com

I've got two Spring web applications on different domains and different servers that already have signed SSL certificates. I'd like one of them to be able to make requests of the ...

6. How to organize X509 authentication in web application with Java and Spring?    stackoverflow.com

I have USB token with private key and X509 certificate on it. It can be seen from Firefox so it is OK. I have sample application from Spring Security (I'm using ...

7. WSS JAX-WS In Spring    stackoverflow.com

I'm trying to expose a service with JAX-WS and authenticated with X.509 like security, but I didn't found good documentation about it. Please, any idea?

8. Custom x509 Authentication (Sorta)    forum.springsource.org

Custom x509 Authentication (Sorta) I was trying to setup a system that would use the x509 for authentication but use another provider for authorization (i.e. to load roles, etc). The problem ...

9. Spring Security 3.0 & X509    forum.springsource.org

Spring Security 3.0 & X509 I am attempting to migrate an existing application using Acegi Security to Spring Security 3.0.5. I am attempting to use namespaces as much as possible. Our ...





10. How to organize X509 authentication in web application with Java and Spring?    forum.springsource.org

How to organize X509 authentication in web application with Java and Spring? I have USB token with private key and X509 certificate on it. It can be seen from Firefox so ...

11. Authenticate with an x509 certificate against an ldap    forum.springsource.org

Authenticate with an x509 certificate against an ldap Hello, I have to do (with Spring Security 3) a user authentication in my application with an x509 certificate contained in a USB ...

12. X509 WS-Security using XWS interceptor in WebSphere    forum.springsource.org

X509 WS-Security using XWS interceptor in WebSphere I am having a hard time with X509 certificate-based WS-Security in WebSphere v7. Here's a little background: We are using spring-ws & spring-security version ...

13. X509 authentication: sample configuration    forum.springsource.org

Nov 11th, 2005, 06:58 AM #2 Ben Alex View Profile View Forum Posts Visit Homepage Senior Member Spring Team Join Date Aug 2004 Location Sydney, Australia Posts 2,765 Checkout or download ...

14. X509 Authentication and Servlet Specification    forum.springsource.org

X509 Authentication and Servlet Specification Hi, I am trying to set up X509 client autentication for an existing web application. Presently I use the standard container managed security with the usual ...

15. X509 Authentication question    forum.springsource.org

When you use authentication with username/password you end up with a UsernamePasswordAuthenticationToken with authenticated set to 'true'. On the other hand, if you use X509 Authentication you end up with a ...

16. X509 Authentication and Session creation    forum.springsource.org

X509 Authentication and Session creation Hi, This message is probably best answered by Luke, but any feedback would be appreciated. I have SSL certificate authenticated web services. I get a fair ...





17. Authentication X509 + LDAP    forum.springsource.org

Authentication X509 + LDAP Hi all, I just want to share my thoughts to see if they are right: Currently with Acegi you can use authentication based on x509 certificates (well, ...

18. x509 Authentication    forum.springsource.org

x509 Authentication Hi In order to learn x509 authentication, I am trying to use this x509 authentication with the sample web application (acegi-security-sample-tutorial.war). This webapp is deployed on Tomcat 5.0 with ...

19. Cannot setupa a custom Access Denied error page using X509 Authentication    forum.springsource.org

Feb 17th, 2007, 08:15 PM #1 srxavi View Profile View Forum Posts Private Message Junior Member Join Date Feb 2007 Posts 7 Cannot setupa a custom Access Denied error page using ...

20. X509 Authentication in non-web application    forum.springsource.org

I'm would like to use X509 Authentication in for a non-web application. Does anyone have some sample code of how to do this? Thanks, Jon

21. x509 Cert with acegi and SpringWS    forum.springsource.org

x509 Cert with acegi and SpringWS I'm trying to use an x509 cert to get the username. I'm expecting it to return "TestClient" but I'm getting the following error: Authentication request ...

22. logging a missing/invalid x509 cert?    forum.springsource.org

I'm using acegi to front end a web service, and I'm requiring a cert by using the XwsSecurityInterceptor. Is there a way to catch when the cert is invalid or not ...

23. Dual authentication - x509 or username/password    forum.springsource.org

Feb 27th, 2008, 09:18 AM #1 mathessd View Profile View Forum Posts Private Message Junior Member Join Date Dec 2007 Posts 27 Dual authentication - x509 or username/password I have successfully ...

24. X509 Certificate validation with AcegiCertificateValidationCallBackHandler    forum.springsource.org

Code: SEVERE: WSS1364: Unable to validate certificate Apr 8, 2008 4:17:23 PM com.sun.xml.wss.impl.dsig.KeySelectorImpl resolve SEVERE: WSS1353: Error occurred while resolving key information com.sun.xml.wss.impl.WssSoapFaultException: Certificate validation failed at com.sun.xml.wss.impl.SecurableSoapMessage.newSOAPFaultException(SecurableSoapMessage.java:318) at com.sun.xml.wss.impl.dsig.KeySelectorImpl.resolveToken(KeySelectorImpl.java:1237) at ...

25. x509 authentication does not work properly    forum.springsource.org

26. X509 namespace issue    forum.springsource.org

X509 namespace issue We're using X509 authentication and here in Brazil it's common to extract other informations from the user certificate besides common name (CN), which is implemented by default by ...

27. x509 client certificate doesn't work with CatalinaAcegiUserRealm    forum.springsource.org

Hi, I defined CatalinaAcegiUserRealm in the Tomcat's server configuration In the myAcegiContext.xml file i defined flow that support x509 client certificate authentication. i.e (authentication manager, x509ProcessingFilter, x509AuthenticationProvider, etc'). When i tested ...

28. X509 and isAccountNotLocked    forum.springsource.org

I may be missing something but it seems like only the LDAP and DAO providers adhere to the account settings (enabled, locked, expired). I implemented my own UserDetailsService that sets the ...

29. X509 and HTTP login authent    forum.springsource.org

Hi .. We develop a website that uses spring security to make the standard login/pass authent, no problem. done but, we have to allow two access way simultaneously either X509 certs ...

30. access-denied-page with x509 auth    forum.springsource.org

access-denied-page with x509 auth Hello, I have spring security set up using x509 authentication, and it seems to be working just fine. I then tried to set the access-denied-page attribute. After ...

31. get the certificate into the X509 filter    forum.springsource.org

Hi .. I need to extract more information than just the CN of the certificate I get the standard UserDetails loadUserByUsername(String arg0) where arg0 is the CN of the certificate I ...

32. Can't get SSL with X509 working with 1.5.7    forum.springsource.org

Jun 2nd, 2009, 01:54 PM #1 rmilstead View Profile View Forum Posts Private Message Junior Member Join Date Aug 2008 Posts 17 Can't get SSL with X509 working with 1.5.7 I ...

33. Externally configuring subject-principal-regex for security:x509    forum.springsource.org

Hello guys and thanks in advance. I am trying to externally configure the expression used to extract the principal from x.509 certificate. I tried using PropertyPlaceholderConfigurer but since the value is ...

34. x509 and "defaultTargetUrl"    forum.springsource.org

I'm trying (via numerous blog posts) to try to find a way to replicate the defaultTargetUrl functionality (that you'd get from a security:form-login tag). I have x509 working.. extracting the CN.. ...

35. Multiples auths mechanism: Basic & X509    forum.springsource.org

Hi all. We're trying to implement a unique login page with multiples auths. mechanism. What we want? Login form with two div: Basic username/password X509 auth The problem is that we ...

36. Combine X509 and Form based login    forum.springsource.org

Hi@all I'd like to know if its possible to combine x509 and form based login. If the request is comming from a known client using ssl, i want to authenticate the ...

37. X509 smartcard authentication    forum.springsource.org

X509 smartcard authentication Hi, this is my first post. I'm trying to setup an enviroment with a non-spring application in a tomcat, well a non-spring application but with spring-security of course! ...

38. X509 Client Certificate and Tomcat tutorial    forum.springsource.org

Hi Guys, I've spent a bit of time writing down how I got X509 Client Certificates working with Spring Security and Tomcat. Mostly for my own reference but I realized that ...

39. Preventing replay attacks when using Spring-ws + WSS4J + X509 certificate authentica    forum.springsource.org

Preventing replay attacks when using Spring-ws + WSS4J + X509 certificate authentica We have a need to prevent our Spring-ws Web Service from replay attacks where a malicious party may capture ...

40. How would you pull the X509 cert    forum.springsource.org

How would you pull the X509 cert Team, I am using OC4J to do some dev. work. I have configured my container (OC4J web server) to request the CAC cert by ...

41. Redirect to INSECURE after x509 authentication    forum.springsource.org

Redirect to INSECURE after x509 authentication I set up a jetty server with mutual authentication, and have spring security setup with x509 provider. My server properly authenticates using the user's pki ...

42. x509 Client Certificate    forum.springsource.org

x509 Client Certificate I am using x509 to read client certificate and pass the value to userdetailsservice. It works (using following config) however subject-principal-regex="CN=(.*?) only provides user name from subject which ...

43. Advice on multiple authentication scheme (X509 / password)    forum.springsource.org

Advice on multiple authentication scheme (X509 / password) This is my first time posting here, so let me know if I should be posting differently. I am implementing a combined X509 ...

44. Using the entire distinguished name in X509 pre-authentication    forum.springsource.org

Using the entire distinguished name in X509 pre-authentication Because the project I am working on works with many organizations, which make up their own rules for creating distinguished names, the standard ...

45. Spring Security 3.0.3 using X509 always returns 403    forum.springsource.org

Spring Security 3.0.3 using X509 always returns 403 Hi, I'm having a problem getting X509 going with a UserDetailsService. No matter what, I get a 403. Code:

46. Custom X509 and form login    forum.springsource.org

Hi, What would be the best approach for the following scenario. I want to try authenticate against values in the request header first before going into the X509AuthenticationFilter The reason for ...