IdmRevokeCertState
This AuthState is a processing AuthState.
This plug-in provides a handling of revoked certificates. If a user tries to log in with a revoked certificate, the certificate's state will be updated accordingly: The state is set to "disabled" and the change reason code is set to "cert-revoked".
If the certificate is registered for several users of different clients, the corresponding certificate credential of all those users will be revoked.
Topic | Description |
---|---|
Class | ch.nevis.idm.authstate.IdmRevokeCertState |
Logging | IdmAuth |
Auditing | none |
Marker | NevisIDM:mutation |
Properties | none |
Methods | process (all events) |
Input | none |
Transitions | ok: The certificate state could be updated. |
failed: The certificate state could not be updated (for example, the certificate was not found) | |
clientNotFound: User uses an unsupported client ID or the "default" client ID (see input above) is not available. | |
Output | none |
Errors | none |
Notes | none |
Example
<AuthState name="IdmCertRevoke"
class="ch.nevis.idm.authstate.IdmRevokeCertState" final="false">
<ResultCond name="ok" next="AuthCertRevokedError"/>
<ResultCond name="failed" next="AuthCertRevokedError"/>
<Response value="AUTH_ERROR">
<Gui name="AuthFailDialog" />
</Response>
</AuthState>