12.3.4. X.509 Authentication
This authentication scheme allows you to authenticate your users using HTTP X.509 based on the IETF RFC standard.
To configure this authentication scheme for a specific path just do:
httpBuilder .forPath("/faces/*.xhtml") .authenticateWith() .x509() .subjectRegex("CN=(.*?), ");
You can use the
subjectRegex
to provide a regular expression that will be used to extract the subject's name from the certificate. If not provided, PicketLink will try to extract the name from the subject DN considering only the CN value.