2.5.5. Client Cert Authentication
If you want to enable HTTP Client Cert Authentication, configure the
AuthenticationFilter as follows:
<filter> <filter-name>AuthenticationFilter</filter-name> <filter-class>org.picketlink.authentication.web.AuthenticationFilter</filter-class> <!-- Configure HTTP Client Cert Authentication Scheme --> <init-param> <param-name>authType</param-name> <param-value>CLIENT_CERT</param-value> </init-param> </filter> <!-- Defines which URLs should be protected by this filter --> <filter-mapping> <filter-name>AuthenticationFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
Before using this authentication scheme, you need to configure your container to use HTTPS. Please take a look at the following quickstart about how to proper configure and use this authentication scheme: https://github.com/jboss-developer/jboss-picketlink-quickstarts/tree/master/picketlink-authentication-http-client-cert