I have a lot completed but still having a problem witht he PKI/Certificate portion.
Maybe you can look at the attachments and the below to see if you can help me meet my requirement?
HEre are the details:
Attached is an Apache Shiro web app.
I need a username+password and PKI authentication implementation similar to this:
[login to view URL]
The author explains creating custom Authentication Realms ([login to view URL]) and custom Authentication Tokens ([login to view URL]).
Also need the following related:
1) Setup Tomcat 8 with SSL, using self-signed certs.
2) In [login to view URL], in the connector configuration, change "clientAuth" to "want" instead of "true". This will automatically ask the browser to request the client for a certificate, but will not fail of there is no cert.
3) Check for an x.509 certificate in the REST call. Use [login to view URL]('[login to view URL]'). If null, no cert was presented by the user through the browser, so use login+password. If a cert is found, user chose a cert through the browser, so check the [login to view URL] against our database to see who is logging in.
Also, I need the Password Matcher/Hashing working as shown in the [login to view URL] file.
Use "mvn package" in "shiropki-web" directory to create war for Tomcat.
Please tell me if this can be an easy delivery for you. I need this quickly in a few hours