
doubt in j2ee authentication mechanisms [CLIENT_CERT]

Is the following statement true or false?
If your DD correctly declares an authentication type of CLIENT_CERT, your users must have a certificate from an official source before they can use your application.

The answer is false while I think it should be true.

I also suppose that answer should be true.....

This link will be helpful...

http://edocs.beasys.co.jp/e-docs/wls/docs90/security/thin_client.html

"official source" in this statement can be the key... Digital certificate TP (third party): is this an official resource?

"your users must have a certificate from an official source before they can use your application." Answer false is correct. Even if the user does not have a certificate, the server will prompt for certificate acceptance, so to access that application you do not need to have a certificate beforehand. If I am not correct, let me know.

your users must have a certificate from an official source before they can use your application.

But after the prompt, as they are not certified (they don't have a certificate), will they be able to use the application?

As per my understanding, when we make any website SSL encrypted, we purchase a valid certificate from some vendor like VeriSign, which we configure on the server. So as long as the server has a valid certificate, whenever any user tries to access that site he will get a client certificate if he does not have a certificate before. Please correct me if I am wrong.

Yes, I have also read the same:

"where the server provides a certificate to your browser. Depending on your browser's security settings, you generally see a dialog box asking whether or not you want to trust the certificate the server is offering you (we hope signed by Thawte, VeriSign, or whomever). If you accept, the transaction can continue, and the server's public key can be used to encrypt communications between you. So certificates provide the foundation for secure transport as well as dealing with the issue of identity."

Please tell me if I am wrong.

Hi Nisha,

I am really very confused on this matter. I will request the JavaRanchers to clear my doubt.

"If your DD correctly declares an authentication type of CLIENT_CERT, your users must have a certificate from an official source before they can use your application."

The client needs to have a certificate, but not necessarily from some official source. The client can use a self-signed certificate which the client gets from the browser. That's why 'false' would be the right option for the above question. If anybody has another opinion, let us know.

I hope I'm not wrong, but doesn't the server need a certificate?
The client gets his public key from the server, that's how SSL works...

http://tldp.org/HOWTO/SSL-Certificates-HOWTO/x64.html
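
For reference, an added example that is not from any post in this thread: a minimal deployment descriptor (DD) that declares certificate authentication. The role name `member` and the URL pattern `/secure/*` are hypothetical; the element names and the `CLIENT-CERT` value are those of the servlet deployment descriptor.

```xml
<!-- WEB-INF/web.xml (fragment): added example, names are placeholders -->
<web-app>

  <!-- Requests under /secure/ need an authenticated caller in role "member". -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>protected-area</web-resource-name>
      <url-pattern>/secure/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>member</role-name>
    </auth-constraint>
    <!-- Certificate authentication happens inside the TLS handshake,
         so the resource has to be served over HTTPS. -->
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

  <!-- In the DD the value is written with a hyphen: CLIENT-CERT.
       (The API constant HttpServletRequest.CLIENT_CERT_AUTH is "CLIENT_CERT".) -->
  <login-config>
    <auth-method>CLIENT-CERT</auth-method>
  </login-config>

  <security-role>
    <role-name>member</role-name>
  </security-role>

  <!-- Nothing in this file names a certificate authority. Which issuers are
       accepted for client certificates is decided by the trust store the
       container is configured with, so a certificate issued by a private or
       self-signed CA is accepted if the server trusts that CA, and a
       certificate from a commercial CA is rejected if it does not.
       A caller that presents no certificate is not authenticated. -->

</web-app>
```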