This discussion is archived
0 Replies Latest reply: Jul 25, 2013 7:16 AM by e0457bd5-794c-4724-a0ba-8cc83113fd1a RSS

OSB access to X.509 fields

e0457bd5-794c-4724-a0ba-8cc83113fd1a Newbie
Currently Being Moderated

Hi,

 

I am configuring a proxy service secured with the policy wss10_x509_token_with_message_protection_service_policy. I have been able to configure it correctly and to test it with SoapUI.

 

I am facing difficulties with a security requirement, I need to be able to access attributes of the user's certificate, the one used to perform authentication in Weblogic, because I need to check the DN and the Serial Number of the certificate against a database, in an OSB's stage. Is it possible to map these X.509 attributes with the user that is managed from the OSB? Exploring the variable inbound I only see the name of the Weblogic's user:

 

<ctx:username xmlns:ctx="http://www.bea.com/wli/sb/context">client</ctx:username>

 

Googling I suspect the solution can be to write a custom UserNameMapper for Weblogic, am I right? Is it possible to add attributes to a Weblogic's user in that custom class?

 

OSB's version is 11g.

 

Thanks in advance,

 

Pablo.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points