CertificateAuthNSample.java demonstrates the implementation of a x509 certificate based authentication login class to support transparent client authentication during single sign-on for Oracle Hyperion Enterprise Performance Management System components. CertificateAuthNSample.java demonstrates how to implement transparent client authentication:
Accept the X509 certificate of the authenticated user from the web server through a header
Parse the X509 certificate
Extract the DN of the user as the user identity
Use the user DN to authenticate the user
If you need to retrieve user identity from a certificate attribute other than DN, modify getCSSUserNameFromDN(String DN) method.
CertificateAuthNSample.java uses CSSSecurityAgentIF, which is the interface that defines the getter methods for user name and password for custom login.