Topic
  • 2 replies
  • Latest Post - ‏2013-01-07T23:59:43Z by Arnab_Ghosh
Arnab_Ghosh
Arnab_Ghosh
94 Posts

Pinned topic BinarySecurity authentication

‏2013-01-04T23:38:37Z |
HI,
I am doing Authentication using BinarySecurityToken. After that I want to get the user details from the certificate against which the user has been authenticated true. How is it usually done? var://context/WSM/identity/authenticated-user has some encoded string but this is not the cn mentioned in the certificate.

Thanks,
Arnab
Updated on 2013-01-07T23:59:43Z at 2013-01-07T23:59:43Z by Arnab_Ghosh
  • swlinn
    swlinn
    1348 Posts

    Re: BinarySecurity authentication

    ‏2013-01-07T14:51:35Z  
    The wsse:BinarySecurityToken supports both X.509 certificate and a LTPA token, specified by the ValueType attribute. I'm assuming you have a X.509 certificate, so if you are doing this in a stylesheet, you should be able to get this value from your document and use

    dp:get-cert-details(concat('cert', //wsse:BinarySecurityToken))

    I'm not sure if the X.509 certificate is base-64 encoded, so you may need to do the dp:decode extension function as well. get-cert-details returns a node set with all of the certificate attributes. You may also use a different extension function to get a specific attribute, for example, dp:get-cert-subject. My guess is that the WSM context variable has the BinarySecurityToken value, true?

    Regards,
    Steve
  • Arnab_Ghosh
    Arnab_Ghosh
    94 Posts

    Re: BinarySecurity authentication

    ‏2013-01-07T23:59:43Z  
    • swlinn
    • ‏2013-01-07T14:51:35Z
    The wsse:BinarySecurityToken supports both X.509 certificate and a LTPA token, specified by the ValueType attribute. I'm assuming you have a X.509 certificate, so if you are doing this in a stylesheet, you should be able to get this value from your document and use

    dp:get-cert-details(concat('cert', //wsse:BinarySecurityToken))

    I'm not sure if the X.509 certificate is base-64 encoded, so you may need to do the dp:decode extension function as well. get-cert-details returns a node set with all of the certificate attributes. You may also use a different extension function to get a specific attribute, for example, dp:get-cert-subject. My guess is that the WSM context variable has the BinarySecurityToken value, true?

    Regards,
    Steve
    Thanks Steve, It worked