HeaderBasedCertificate

Authenticate based on an HTTP header containing an x509 certificate. Note that certificate extraction must be done prior to executing this authenticator.

Properties

Name Description Default value Mandatory
successURL Where to send user agent afer successfull authentication N/A Yes
certificateheader The name of the header used where certificate resides N/A Yes
certificateExtractionUrl If certificate is missing value, where to redirect client for certificate extraction N/A No
pipeID Id of the pipe validating the user N/A Yes

Example Configuration 

{
    "alias": "certauth",
    "name": "HeaderBasedCertificate",
    "configuration": {
        "successURL": "/config/",
        "certificateheader": "certificate",
        "pipeID": "authPipe"
    },
    "id": "certauth"
}

Requirements

Certificate extraction must have been done prior to executing this authenticator. This is often done by Apache or NGINX.