|
|
|
|
|
|
|
|
|
|
- Authentication mode
- Pre-launched sessions
CertificateClientInfo (Function) In french: CertificatClientInfo Returns information about the certificate used by the client computer during a Web connection with authentication by certificate.
IF DoitEtreAuthentifié = True THEN
IF CertificateClientInfo(certificateClientPresent) = False
OR CertificateClientInfo(certificateClientValid) = False THEN
...
RETURN
END
...
END
SAI_NumSérie = CertificateClientInfo(certificateClientSerialNumber)
SAI_CertificatClientPays_Objet = CertificateClientInfo(certificateClientSubject, certificateClientCountry)
Syntax
<Result> = CertificateClientInfo(<Information> [, <Sub-information>])
<Result>: Variant Requested information. <Information>: Integer constant Requested informatioin about the client certificate: | | | certificateClientIssuer | Identification of certificate issuer. You have the ability to extract part of the information by using the <Sub-information> parameter.
Example of string returned: CERT_ISSUER=C=FR,S=NA,L=MONTPELLIER, O=PCSOFTQUAL,CN=caqual,E=qual@pcsoft1.fr | | certificateClientPresent | Indicates whether a certificate was transmitted by the client computer (True) or not (False). | | certificateClientSerialNumber | Serial number of certificate (hexadecimal string). Example: "00E48E2E3503C8317A" | | certificateClientSubject | Identification of certificate. You have the ability to extract part of the information by using the <Sub-information> parameter.
Example of string returned: CERT_SUBJECT=C=FR,S=NA,L=MONTPELLIER, O=PCSOFTQUAL,CN=twr4m.pcsoft.com,E=qual@pcsoft1.fr | | certificateClientValid | Indicates whether a client certificate is validated by the server (True) or not (False). |
<Sub-information>: Optional Integer constant Allows you to extract a specific information (used with the certificateClientIssuer and certificateClientSubject constants only). The full information is not always available.
The following constants are accepted: | | | certificateClientCommonName | Usual name. | | certificateClientCountry | Country associated with the certificate. | certificateClientDistinguishedName
(Default value) | Entire list of certificate characteristics. The returned value is a string whose components are separated by a comma. For example SSL_CLIENT_I_DN=,C=FR,ST=NA,L=MONTPELLIER, O=PCSOFTQUAL,CN=caqual,emailAddress=qual@pcsoft1.fr The following constants are used to retrieve a single information. | | certificateClientEmail | Email address. | | certificateClientLocality | Locality associated with the certificate. | | certificateClientOrganization | Company. | | certificateClientOrganizationalUnit | Service name. | | certificateClientState | State where the certificate was created. | | certificateClientUserID | User identifier. |
Remarks Authentication mode There are two modes to authenticate clients to the web server: - authentication by the Web server. In most cases, this type of authentication is based on the authentication as domain user or server user.
- authentication by certificate. In this case, the following checks are performed:
- Checking the presence of a certificate.
- Checking the validity of the certificate.
- Checking the authorizations of the user.
Pre-launched sessions If your project uses pre-launched sessions, this function must not be used in the project initialization event. This function must be used in the "Initialization in pre-launched session mode" event. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|