MWS and Certificate authentication

Hello,

I’m looking for how to deal authentication to the MWS by checking user certificate ? the goal for my customer is to allow certain kind of user to use their certificates in addition or completly instead of login/password.

Maybe someone have already implement sush requirement !

Thank you in advance.

I believe the “Administering My webMethods Server” documentation describes this procedure.

Hi Eric, I’m not sure. what I found in this document says :

“As My webMethods Administrator you can manage authentication certificates for users who connect to Integration Server or other webMethods applications. Authentication certificates do not govern a connection between a user and My webMethods Server.”

You may be right about that.

If you would like that capability provided out of the box then you can make a proposal in brainstorm @ https://empower.softwareag.com/Products/FeatureRequestsInBrainstorm/default.asp for consideration in a future release.

In the mean time, MWS authentication is completely pluggable, so you could create a custom authentication handler that could probably do that. I believe there was source code for an auth handler floating around somewhere which authenticates against X509 certificates but I can’t find it at the moment. If you open a support ticket, then they can probably track that sample down for you.

UPDATE: I found the sample I was thing of on the community site @ http://techcommunity.softwareag.com/ecosystem/communities/public/webmethods/products/bpm_suite/codesamples/8426c89b-b1d2-11e4-8d00-cd8d7ef22065/?title=Certificate+authentication+with+MWS

Hi Eric,

Thank you for your feedback. i would have more information about this kind of handler and especialy how to read user certificate while login operation

Many thanks