Page History
...
Existing Authentication Methods include
- Authentication Plugins#Authentication by Password (class:
org.dspace.authenticate.PasswordAuthentication
) (DEFAULT) - Shibboleth Authentication Plugins#Shibboleth Authentication (class:
org.dspace.authenticate.ShibAuthentication
) - LDAP Authentication Plugins#LDAP Authentication (class:
org.dspace.authenticate.LDAPAuthentication
) - IP Address based Authentication (class:
org.dspace.authenticate.IPAuthentication
) - XAuthentication Plugins#X.509 Certificate Authentication (class:
org.dspace.authenticate.X509Authentication
)
...
The X.509 authentication method uses an X.509 certificate sent by the client to establish his/her identity. It requires the client to have a personal Web certificate installed on their browser (or other client software) which is issued by a Certifying Authority (CA) recognized by the web server.
- See the HTTPS installation instructions to configure your Web server. If you are using HTTPS with Tomcat, note that the
<Connector>
tag must include the attributeclientAuth="true"
so the server requests a personal Web certificate from the client. Add the
org.dspace.authenticate.X509Authentication
pluginfirst
to the list of stackable authentication methods in the value of the configuration keyplugin.sequence.org.dspace.authenticate.AuthenticationMethod
Configuration File:
[dspace]/config/modules/authentication.cfg
Property:
plugin.sequence.org.dspace.authenticate.AuthenticationMethod
Example Value:
Code Block plugin.sequence.org.dspace.authenticate.AuthenticationMethod = \ org.dspace.authenticate.X509Authentication, \ org.dspace.authenticate.PasswordAuthentication
...