| 12345678910111213141516171819202122232425262728293031323334 |
- = X.509 + Form Login MFA Sample
- This sample demonstrates configuring Spring Security to require both an X.509 Certificate and a Username/Password Login in order to enter the site with full permissions.
- == Preparing to Use X.509
- This sample is intended to be used in a browser.
- As such, you should:
- 1. Configure your browser to trust the `ca.crt` that accompanies this project
- 2. Configure your browser with the `josh-keystore.p12` client certificate
- Both `api-keystore.p12` and `josh-keystore.p12` use keys signed by `ca.crt`.
- This means that after the above steps are performed, you can also use this application without getting a security warning in your browser.
- == Using the Sample
- To run, please use:
- .Java
- [source,java,role="primary"]
- ----
- ./gradlew :bootRun
- ----
- This will start an application on 8443, meaning you will need to reach it using HTTPS.
- You can reach the website at https://api.127.0.0.1.nip.io:8443.
- If that isn't working for you, please try https://localhost:8443.
- With the client certificate (`josh-keystore.p12`) correctly installed in the browser, it will ask you which client certificate you want to you.
- Select `josh`.
- You will then be redirected to the login page where you can use `josh/password` as the username and password.
|
