Closed ashkansk closed 8 years ago
There is some client cert support -- check the samples. Basically, MR assumes IIS has done the cert validation and then your loign page needs to pass that along to ask MR to signin (meaning find a matching account based on thumbprint).
Hi Brock, I hope you're doing well. I've been using your MR library for a while and loving it so much because it's customizable in all aspects. I never happened to use client certificates until now that we're applying a security solution which needs client certificates to be stored in database. When the user is signing in, he/she sends a certificate (using USB tokens) in addition to the provided username and password. The signing in procedure after checking username and password validity, includes checking the provided certificate with the existent certificate in the database for that user to see if they match ...
What I'm asking is can I create a
CustomUserCertificate
entity which inherits fromRelationalUserCertificate
just like customizing theUserAccount
entity and use it in the scenario above?If yes, how would the custom class be registered and configured in
MembershipRebootConfiguration
instance?Thank you.