IdmUploadCertificateState

This AuthState is a processing AuthState.

This IDM auth plug-in is used for certificate registration by using the client certificate. Registering a client certificate means that a new certificate credential is created for the underlying user.

Topic	Description
Class	ch.nevis.idm.authstate.IdmUploadCertificateState
Logging	IdmAuth
Auditing	none
Marker	NevisIDM:mutation
Properties	treatAsStrongAuth (boolean, true) If the property is set to "true", the uploaded certificate is treated as valid strong authentication. Thus, the user is strongly authenticated after having successfully passed this state.
	client.name (defined in the chapter "Default input properties")
Methods	authenticatestepup
Input	connection.ClientCert (caller, required) Client certificate, used by the authenticating user in PEM format.
Transitions	strong: Certificate upload successful. User is now strongly authenticated.
	weak: Certificate upload successful. User is now weakly authenticated.
	failed: Certificate upload failed, i.e., certificate check failed or the same certificate is already registered within the client (tenant) of the user.
	clientNotFound: User uses an unsupported client-ID or the "default" client-ID (see input above) is not available.
Output	certificate.id: External ID of the created certificate credential.
Errors	1: no certificate in request (caller does not send a client certificate); 1: client does not match previous authentication; 100: certificate already registered within the client (tenant) of the user
Notes	None

Example

<AuthState
name="IdmUploadCertificate class="ch.nevis.idm.authstate.Idm
UploadCertificateState" final="false">
 <ResultCond name="ok:weak" next="PostProcessing"/>
 <ResultCond name="ok:strong" next="PostProcessing"/>
 <ResultCond name="failed" next="IdmUserIdPasswordLogin"/>
 <Response value="AUTH_ERROR">
 <Gui name="AuthFailDialog" />
 </Response>
<propertyRef name="IdmCertificateLogin"/>
</AuthState>