directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kiran Ayyagari <>
Subject Re: Where can I get the client certificate?
Date Fri, 13 Mar 2015 13:00:23 GMT
On Fri, Mar 13, 2015 at 8:40 PM, Marc Boorshtein <>

>>>>> Well thats untrue.  The certificate can be used for user mapping,
>>>>> authorization, etc.  This is VERY common in the HTTP world.  In a servlet
>>>>> you can get the certificate, DN, etc from the request object.
>>>>> not the case in LDAP, AFAIK
>>> OK well if it wasn't the case I wouldn't have folks asking for it :-)
>> never heard of such requirement before, curious about the usecase though
> Don't have 100% of the use case either.  Someone's looking for MyVD to
> give them the client certificate in an insert (our equivalent of an
> interceptor) so they can do authorizations.  For service accounts its very
> elegant if you think about it as it eliminates the need for passwords
> (assuming thats what its for).
sounds quite heavy, cause the CRL needs to be maintained/verified on the
LDAP server

thanks for sharing.

Kiran Ayyagari

View raw message