brockallen / BrockAllen.MembershipReboot

MembershipReboot is a user identity management and authentication library.

Custom user certificate #635

Closed ashkansk closed 8 years ago

ashkansk commented 8 years ago

Hi Brock, I hope you're doing well. I've been using your MR library for a while and loving it so much because it's customizable in all aspects. I never happened to use client certificates until now, when we're applying a security solution which needs client certificates to be stored in the database. When the user is signing in, he/she sends a certificate (using USB tokens) in addition to the provided username and password. The sign-in procedure, after checking username and password validity, includes checking the provided certificate against the existing certificate in the database for that user to see if they match ...

What I'm asking is can I create a CustomUserCertificate entity which inherits from RelationalUserCertificate just like customizing the UserAccount entity and use it in the scenario above?

If yes, how would the custom class be registered and configured in MembershipRebootConfiguration instance?

Thank you.

brockallen commented 8 years ago

There is some client cert support -- check the samples. Basically, MR assumes IIS has done the cert validation and then your login page needs to pass that along to ask MR to sign in (meaning find a matching account based on thumbprint).
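
The check described in this thread (password first, then a thumbprint match against the certificates on file for that user), as an added example that is not part of the original thread and is not MembershipReboot code. `CertSecondFactor`, `Registered` and `MakeCert` are hypothetical names, the in-memory dictionary stands in for the database table, and the sketch assumes the web server has already validated the certificate chain.

```csharp
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class CertSecondFactor
{
    // Hypothetical stand-in for the per-user certificate table:
    // username -> thumbprints registered for that account.
    public static readonly Dictionary<string, List<string>> Registered =
        new Dictionary<string, List<string>>(StringComparer.OrdinalIgnoreCase);

    // Call only after the password check succeeded and the web server has
    // already validated the certificate chain (the assumption in the reply).
    public static bool Matches(string username, X509Certificate2 presented)
    {
        if (presented == null) return false;
        DateTime now = DateTime.Now; // NotBefore/NotAfter are local times
        if (now < presented.NotBefore || now > presented.NotAfter) return false;
        if (!Registered.TryGetValue(username, out List<string> stored)) return false;
        // Compare against this user's rows only, so a certificate registered
        // to another account never satisfies the check.
        return stored.Exists(t =>
            string.Equals(t, presented.Thumbprint, StringComparison.OrdinalIgnoreCase));
    }
}

static class Program
{
    // Constructed sample input: a throwaway self-signed certificate.
    static X509Certificate2 MakeCert(string cn)
    {
        ECDsa key = ECDsa.Create(ECCurve.NamedCurves.nistP256);
        var req = new CertificateRequest("CN=" + cn, key, HashAlgorithmName.SHA256);
        return req.CreateSelfSigned(DateTimeOffset.Now.AddDays(-1), DateTimeOffset.Now.AddDays(30));
    }

    static void Main()
    {
        X509Certificate2 token = MakeCert("alice-token");
        X509Certificate2 other = MakeCert("someone-else");
        CertSecondFactor.Registered["alice"] = new List<string> { token.Thumbprint };
        Console.WriteLine(CertSecondFactor.Matches("alice", token)); // registered certificate
        Console.WriteLine(CertSecondFactor.Matches("alice", other)); // certificate not on file
        Console.WriteLine(CertSecondFactor.Matches("bob", token));   // account with no certificates
    }
}
```

A thumbprint match only identifies the certificate; chain, revocation and proof of possession of the private key are still the job of the TLS layer in front of the application.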