When liberty on z receives a client certificate, how to get the associated userid when security registry is SAF(MVS RACF)? No document for this scenario at the moment

from
https://www.ibm.com/support/knowledgecenter/SS7K4U_liberty/com.ibm.websphere.wlp.zseries.doc/ae/twlp_sec_clientcert.html
Step 6:
Make sure any client certificates used for client authentication are mapped to a user identity in your registry.

For the basic registry, the user identity is the common name (CN) from the distinguished name (DN) of the certificate.

For a Lightweight Directory Access Protocol (LDAP) registry, the DN from the client certificate must be in the LDAP registry.

—–
Basic registry and LDAP are described, but what happen when I use RACF as my liberty security registry?
From the test, it’s not working, the userid can not be obtained.

Related:

Leave a Reply