IdmRevokeCertState
This AuthState is a processing AuthState.
This plug-in provides a handling of revoked certificates. If a user tries to log in with a revoked certificate, the certificate's state will be updated accordingly: The state is set to "disabled" and the change reason code is set to "cert-revoked".
If the certificate is registered for several users of different clients, the corresponding certificate credential of all those users will be revoked.
| Topic | Description |
|---|---|
| Class | ch.nevis.idm.authstate.IdmRevokeCertState |
| Logging | IdmAuth |
| Auditing | none |
| Marker | NevisIDM:mutation |
| Properties | none |
| Methods | process (all events) |
| Input | none |
| Transitions | ok: The certificate state could be updated. |
| failed: The certificate state could not be updated (for example, the certificate was not found) | |
| clientNotFound: User uses an unsupported client ID or the "default" client ID (see input above) is not available. | |
| Output | none |
| Errors | none |
| Notes | none |
Example
<AuthState name="IdmCertRevoke"
class="ch.nevis.idm.authstate.IdmRevokeCertState" final="false">
<ResultCond name="ok" next="AuthCertRevokedError"/>
<ResultCond name="failed" next="AuthCertRevokedError"/>
<Response value="AUTH_ERROR">
<Gui name="AuthFailDialog" />
</Response>
</AuthState>