[英]How to require client certificate authentication in only specific java servlets?
I am trying to create a java servlet application that requires client certificate authentication, but only on specific pages.我正在尝试创建一个 java servlet 应用程序,它需要客户端证书身份验证,但仅限于特定页面。 I would like to have a landing page that doesn't require any sort of authentication which will have a link/button to go to a page that does require authentication.
我想要一个不需要任何身份验证的登录页面,该页面将有一个指向 go 的链接/按钮到一个需要身份验证的页面。 Is there a way to do this?
有没有办法做到这一点?
I am using OpenLiberty as the servlet container.我使用 OpenLiberty 作为 servlet 容器。 I am familiar with using ClientAuthenticationSupported="true" (in server.xml), but I do not want the user prompted to select a certificate until they reach a certain page.
我熟悉使用 ClientAuthenticationSupported="true"(在 server.xml 中),但我不希望用户在到达特定页面之前提示 select 证书。 I have also looked at HttpServletRequest, but don't see a way to force a specific type of authentication with the available methods.
我还查看了 HttpServletRequest,但没有看到使用可用方法强制执行特定类型身份验证的方法。
I want the user to be prompted like they would be visiting prod.idrix.eu/secure .我希望用户得到提示,就像他们正在访问prod.idrix.eu/secure 一样。 Is there a way to set a servlet's authentication type programmatically to accomplish this?
有没有办法以编程方式设置 servlet 的身份验证类型来完成此操作? Any help would be appreciated.
任何帮助,将不胜感激。 I think this can be done using two different applications (one that does not require authentication and one that does), but I would like to keep it all as one.
我认为这可以使用两个不同的应用程序(一个不需要身份验证,一个需要)来完成,但我想将它们作为一个。
Thanks.谢谢。
In web.xml
you can specify security-constraints
that will include URL patterns for the pages that should be protected.在
web.xml
,您可以指定security-constraints
,其中包括应保护的页面的 URL 模式。 You can also configure <login-config>
to use CLIENT-CERT
authentication method.您还可以配置
<login-config>
以使用CLIENT-CERT
身份验证方法。 In the server.xml
then you configure your user registry and mapping between cert and user.然后在
server.xml
配置用户注册表以及证书和用户之间的映射。 More details here - https://www.ibm.com/docs/en/was-liberty/base?topic=liberty-ldap-certificate-map-mode更多细节在这里 - https://www.ibm.com/docs/en/was-liberty/base?topic=liberty-ldap-certificate-map-mode
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.