Thursday, March 28, 2002 05:03 PM
Client authentication using SSL
I am using 2 way SSL, with client authentication using digital certificates. After a successful SSL handshake, is there no way for my sever side application to know who has just been authenticated?
is there no way for the application to get the client certificate used as a part of the handshake?
my server appln has to know the identity of the user to fetch his access control and other details. i want to avoid a userid/passwd window. how are such applications usually designed?