Skip to main content
Version: 2.82.x.x LTS

IdmRevokeCertState

This AuthState is a processing AuthState.

This plug-in provides a handling of revoked certificates. If a user tries to log in with a revoked certificate, the certificate's state will be updated accordingly: The state is set to "disabled" and the change reason code is set to "cert-revoked".

If the certificate is registered for several users of different clients, the corresponding certificate credential of all those users will be revoked.

TopicDescription
Classch.nevis.idm.authstate.IdmRevokeCertState
LoggingIdmAuth
Auditingnone
MarkerNevisIDM:mutation
Propertiesnone
Methodsprocess (all events)
Inputnone
Transitionsok: The certificate state could be updated.
failed: The certificate state could not be updated (for example, the certificate was not found)
clientNotFound: User uses an unsupported client ID or the "default" client ID (see input above) is not available.
Outputnone
Errorsnone
Notesnone

Example

<AuthState name="IdmCertRevoke"
class="ch.nevis.idm.authstate.IdmRevokeCertState" final="false">
<ResultCond name="ok" next="AuthCertRevokedError"/>
<ResultCond name="failed" next="AuthCertRevokedError"/>
<Response value="AUTH_ERROR">
<Gui name="AuthFailDialog" />
</Response>
</AuthState>