Understanding Certificate-Based Authentication

In Chapter 9, you will examine how digital certificates uniquely identify a user. When you create a network application that requires authentication, your program can request the client program to provide the user’s digital certificate as a form of identification. Within Windows 2000, you can map client certificates to specific user accounts. In this way, the client program does not have to submit username and password information. The following method illustrates how a web service method might test whether the client request has included a digital certificate:

<WebMethod()> Public Function ClientCert() As Boolean
    ClientCert = Context.Request.ClientCertificate.IsPresent
End Function
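A presence test alone does not establish who the caller is, so a service would normally inspect more of the certificate before trusting the request. The following is an added example, not code from the book; the class name, the Evaluate helper, and the issuer string are assumptions chosen for illustration.

```vbnet
Imports System
Imports System.Web
Imports System.Web.Services

' Added example: hypothetical service, not from the book.
Public Class CertCheckService
    Inherits WebService

    ' Constructed placeholder: the exact issuer string of the CA that
    ' issues your client certificates, as IIS reports it.
    Private Const TrustedIssuer As String = "CN=Example Internal CA"

    ' Decision logic kept separate from the request object so each
    ' rejection reason is explicit and can be logged on the server.
    Public Shared Function Evaluate(ByVal isPresent As Boolean, _
            ByVal isValid As Boolean, _
            ByVal validFrom As DateTime, ByVal validUntil As DateTime, _
            ByVal issuer As String, ByVal now As DateTime) As String
        If Not isPresent Then Return "no certificate presented"
        If Not isValid Then Return "certificate failed validation"
        If now < validFrom OrElse now > validUntil Then
            Return "outside validity period"
        End If
        ' Compare the whole issuer string; a substring match could accept
        ' a different CA whose name merely contains the trusted one.
        If Not String.Equals(issuer, TrustedIssuer, _
                StringComparison.OrdinalIgnoreCase) Then
            Return "untrusted issuer"
        End If
        Return "ok"
    End Function

    <WebMethod()> _
    Public Function ClientCertAccepted() As Boolean
        Dim c As HttpClientCertificate = Context.Request.ClientCertificate
        Dim reason As String = Evaluate(c.IsPresent, c.IsValid, _
            c.ValidFrom, c.ValidUntil, c.Issuer, DateTime.Now)
        ' Return only the yes/no result to the caller; keep the reason
        ' server-side (for example in your own log) for troubleshooting.
        Return reason = "ok"
    End Function
End Class
```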

Using IIS, you can specify that a page or web service requires that the user submit a client certificate using the Secure Communications dialog box, shown in Figure 8.6.

Figure 8.6: Requiring a client program to specify a client certificate before the client can access the server

You can configure your browser so that it will automatically return your digital certificate when the browser is so prompted by a remote server. If you are creating a client program yourself, you can create an instance of the X509Certificate class, to which you can assign your certificate from a file. Then, you can assign the certificate object to the web service object, as shown here:

Dim Cert As X509Certificate
Cert = X509Certificate.CreateFromCertFile( _
    Server.MapPath("CertificateFilename.Cer"))
WS.ClientCertificates.Add(Cert)

.NET Web Services Solutions
ISBN: 0782141722
EAN: 2147483647
Year: 2005
Pages: 161
Authors: Kris Jamsa
