By default, the Enterprise Gateway stores the extracted certificate in
the certificate message attribute. However, it
can store the certificate in any message attribute, including any
arbitrary attribute specified by the user (for example, a
user_certificate attribute). The certificate can
then be extracted from this attribute by a successor filter in the
policy.
Name:
Enter a name for the filter in the Name field.
Attribute Name:
Enter or select the name of the message attribute to store the
extracted certificate in.
When the target message attribute has been selected, the next step is
to specify the location of the certificate from one of the following
options:
User:
Select a User whose certificate is extracted
from the Certificate Store and set to the message.
Certificate Store:
Click the Select button and select a certificate from
the Trusted Certificate Store.
User or Wildcard:
This field represents an alternative way to specify what user's
certificate is used. Either an explicitly named User's
certificate is used, or you can specify a property to locate a
User name or DName that can then be used to locate
the certificate.
You can specify a property by enclosing the message attribute that contains
the user name or DName in curly brackets, and prefixing this with the
$ sign. For example:
| | |
|
${authentication.subject.id}
| |
| | |
|
This property means that the Enterprise Gateway uses the certificate belonging
to the subject of the authentication event in subsequent certificate-related
filters. The certificate is set to the certificate message
attribute.
Using properties is a more generic way of locating certificates than
specifying the User directly.
Message Attribute Name:
Enter the name of the message attribute that contains the certificate.
HTTP Header Name:
Enter the name of the HTTP header that contains the certificate.
Attachment Name:
Specify the name of the attachment (Content-Id ) that contains
the certificate. You can enter a wildcard in this field to represent the
value of a message attribute.
|