8 Client Certificate Authentication with TLS

Although username and password authentication are extremely common, as we discussed in Chapter 1, Anatomy of an Unsafe Application, and in Chapter 2, Getting Started with Spring Security, forms of authentication exist that allow users to present different types of credentials. Spring Security caters to these requirements as well. In this chapter, we’ll move beyond form-based authentication to explore authentication using trusted client-side certificates.

During the course of this chapter, we will cover the following topics:

Learning how client certificate authentication is negotiated between the user’s browser and a compliant server
Configuring Spring Security to authenticate users with client certificates ...

Get Spring Security - Fourth Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Spring Security - Fourth Edition by Badr Nasslahsen

8

Client Certificate Authentication with TLS

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly