AnsweredAssumed Answered

Authentication via client certificate

Question asked by aleksandarm on Sep 24, 2014
Latest reply on Sep 25, 2014 by aleksandarm
Hello,

we have a requirement that the users should be able to authenticate using 
client certificates. Users only have access to Share application.

To accomplish this, so far, we have done the following customizations/extensions:

1. A custom share page is defined, with authentication set to none, in order to bypass standard user-name/password login page.
2. Server(Tomcat) is configured to trigger authentication via CLIENT-CERT authentication method, when this page is accessed.
3. Root certificate is imported into .truststore, so all client certificates can be validated and accepted.
4. Each of these client certificates maps to username that exists in Alfresco repository.

Now, when username is available, is it possiblile, and how would you suggest to authenticate user using only a username.
Is there some API that is available within share application contex, (some equivalent of AuthenticationUtil avaliable in repo)
that can be used to authenticate user using only a username.

If anyone had similar use case, any suggestion or advice would be much appreciated.

Outcomes