I am new to weblogic security configuration and currently in the process of configuring the internet X509 PKI authentication mechanism. Can someone guide me how to do that?
Basically i have a question what is the different between two way ssl and the iPKI? is two way ssl the implementation of iPKI?
I manage to do the two way ssl and verified with the sample application. During the login the client cert is passed and default identity asserter verified with the weblogic user. Is that mean for this we need to have the user in the identity store?
Thanks Rane for pointing out the documentation. It helps me a lot.
In the i509 cert the container takes out the user id from the identity Asserter and try to find a mapping inside the weblogic user store. So my question is do we need to have all the users in weblogic (either from LDAP authenticator or local LDAP or ....) I couldn't clearly find the answer from that documents. May be i might be beating around the wrong bush. :)
So that means the client certificate is not sufficient also the user should be presented in the system.