sgb90

Pinned topic Getting certificates from LDAP

2013-09-11T14:32:06Z

Hi everyone,

I am performing authentication using certificates.

A SOAP client request contains a <wsse:BinarySecurityToken> element with a certificate's Base64 encoding besides a UsernameToken element. Based on that user, I can obtain through an LDAP search the Base64 encoding of the certificate associated with him as a binary.

What is the best way to validate the certificate given by the client in the SOAP request with that other Base64 encoding obtained from the LDAP search? (I am using an XSLT stylesheet)

Regards,

Sebastian

Updated on 2013-09-11T14:32:57Z by sgb90
  • sgb90

    Re: Getting certificates from LDAP

    ‏2013-09-12T15:00:08Z  

    Bump.

    Additional Info: That base64 comes as a binary, so I should be comparing a string against it. Any ideas or suggestions?

    Regards,

    Sebastian

  • akondeti

    Re: Getting certificates from LDAP

    ‏2014-04-03T12:41:07Z  

    Hello Sebastian,

    I am also looking for a similar scenario, where the certificate subject name is sent through the SOAP UI and it should be validated with the certificate that is stored in the LDAP server and authenticated.

    But I am facing some issues in DataPower for LDAP configurations.

    Can you please help me with this?

    Regards,

    Annapurna Kondeti.

  • sgb90

    Re: Getting certificates from LDAP

    ‏2014-04-03T17:39:54Z  

    Hi Annapurna,

    I remember I was finally able to achieve this, but the customer's requirement involved getting the certificate through the User ID and not the certificate subject name. The difference is that our SOAP UI message came already with a certificate as a base64 string in order to compare it with the one stored in OID. I guess that if you store that certificate under a cn named after its subject name you should be able to retrieve the certificate saved as an attribute on your LDAP.

    Regards,

    Sebastian
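
The comparison asked about in this thread, as an added example that is not part of the original posts and is not DataPower or XSLT code: decode the Base64 text from the BinarySecurityToken to DER bytes and compare those bytes with the binary value stored in the directory, rather than comparing Base64 strings whose line wrapping or PEM armour may differ. The `ldap_lookup` callable, the user `jdoe` and all sample data are assumptions constructed for the illustration.

```python
import base64
import binascii
import hmac
import xml.etree.ElementTree as ET

WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
NS = {"wsse": WSSE}

def der_from_base64(text):
    """Decode Base64 (any line wrapping, optional PEM armour) to raw bytes."""
    kept = [ln for ln in text.splitlines() if not ln.strip().startswith("-----")]
    body = "".join("".join(kept).split())  # drop every whitespace character
    try:
        return base64.b64decode(body, validate=True)
    except binascii.Error as exc:
        raise ValueError("token is not valid Base64") from exc

def extract_credentials(soap_xml):
    """Return (username, certificate bytes) from the WS-Security header."""
    root = ET.fromstring(soap_xml)  # untrusted XML: use a hardened parser in production
    user = root.find(".//wsse:UsernameToken/wsse:Username", NS)
    token = root.find(".//wsse:BinarySecurityToken", NS)
    name = (user.text or "").strip() if user is not None else ""
    if not name or token is None or not (token.text or "").strip():
        raise ValueError("UsernameToken or BinarySecurityToken missing")
    return name, der_from_base64(token.text)

def certificate_matches(soap_xml, ldap_lookup):
    """True only if the presented certificate equals the one stored for the user."""
    username, presented = extract_credentials(soap_xml)
    stored = ldap_lookup(username)  # hypothetical: bytes of the binary attribute, or None
    if not stored:
        return False
    return hmac.compare_digest(presented, stored)

# Constructed sample data: stand-in bytes, not a real X.509 certificate.
SAMPLE_DER = b"constructed stand-in for DER certificate bytes"
SAMPLE_B64 = base64.b64encode(SAMPLE_DER).decode()
SAMPLE_SOAP = f"""<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
  xmlns:wsse="{WSSE}"><soap:Header><wsse:Security>
  <wsse:UsernameToken><wsse:Username>jdoe</wsse:Username></wsse:UsernameToken>
  <wsse:BinarySecurityToken>
    {SAMPLE_B64[:16]}
    {SAMPLE_B64[16:]}
  </wsse:BinarySecurityToken>
  </wsse:Security></soap:Header><soap:Body/></soap:Envelope>"""
SAMPLE_DIRECTORY = {"jdoe": SAMPLE_DER}

if __name__ == "__main__":
    print(certificate_matches(SAMPLE_SOAP, SAMPLE_DIRECTORY.get))
```

A byte-for-byte match only shows that the presented certificate is the one on file for that user; proof that the sender holds the matching private key comes from verifying a signature made with it.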