CAC required login - x.509, SSL?, third party, OCSP?

Has anyone put together a thorough "This is how to implement using a CAC to authenticate to your Web Application"?

I can't find it. I read that you need third-party software like SPNego or other things. I know I need to implement using CACs like this on JBoss 7.2 EAP.

When I look up x.509 on Red Hat, I see references to SSL. Would the steps to implement using a CAC to authenticate to my web application look something like this:

  1. Install JBoss 7.2 EAP (I need to use this version)
  2. Install SPNego
  3. Configure JBoss for SSL
  4. Perform additional JBoss configurations for x.509

Is there anything in JBoss or a third party that checks the Online Certificate Status Protocol (OCSP) to make sure CACs that have been disabled aren't getting access?

Is there a good book on this somewhere?

Anyone that could provide some solid insight would be greatly appreciated.

Responses