Multiple clients with different client certificates with WSE 3.0

    Question

  • Folks:

    Been researching this for a while, and have not come up with a definitive answer:

    I have a WSE 3.0 web service that is secured through a mutual authentication scheme (both client and service tokens required)

    We are adding another consumer of these web services, and we want to issue another client certificate to this new user.

    Can I:

    1. Use the policy files to do this;
    2. If this cannot be done just in policy files, how can I do this in code? I understand what needs to be done, but not sure what approach to take to hitch into WSE processing to get the token from the request and see if it is valid.
    I've seen one post about this in this forum, but the answer was just "Problem Solved". Not very helpful ;-).

    David
    Monday, October 27, 2008 4:56 PM

Answers

  • Okay, answered my own question.

    For future reference:

    To authenticate multiple clients each with their own cer in WSE 3.0, simply add the client's cert to the <Authorization> section of the policy:

    <authorization>
      <allow user="CN=client1Cert" />
      <allow user="CN=client2cert" />
    </authorization>

    It's as simple as that.

    D
    • Edited by Mekon2 Monday, October 27, 2008 7:56 PM
    • Marked as answer by Mekon2 Monday, October 27, 2008 7:56 PM
    Monday, October 27, 2008 7:54 PM