From f782ffd3269d093606c35c80c463e7712fd6567d Mon Sep 17 00:00:00 2001 From: Soumik Sarker Date: Tue, 29 Apr 2025 03:17:14 +0600 Subject: [PATCH] Reformatted lines in x509 overview documentation Signed-off-by: Soumik Sarker --- docs/modules/ROOT/pages/servlet/authentication/x509.adoc | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/docs/modules/ROOT/pages/servlet/authentication/x509.adoc b/docs/modules/ROOT/pages/servlet/authentication/x509.adoc index 7180e1eef50..26dbb1a9008 100644 --- a/docs/modules/ROOT/pages/servlet/authentication/x509.adoc +++ b/docs/modules/ROOT/pages/servlet/authentication/x509.adoc @@ -8,14 +8,12 @@ The browser automatically checks that the certificate presented by a server has You can also use SSL with "`mutual authentication`". The server then requests a valid certificate from the client as part of the SSL handshake. The server authenticates the client by checking that its certificate is signed by an acceptable authority. If a valid certificate has been provided, it can be obtained through the servlet API in an application. -The Spring Security X.509 module extracts the certificate by using a filter. -It maps the certificate to an application user and loads that user's set of granted authorities for use with the standard Spring Security infrastructure. - -You can also use SSL with "`mutual authentication`". The server then requests a valid certificate from the client as part of the SSL handshake. -The server authenticates the client by checking that its certificate is signed by an acceptable authority. For example, if you use Tomcat, you should read the https://tomcat.apache.org/tomcat-10.1-doc/ssl-howto.html[Tomcat SSL instructions]. You should get this working before trying it out with Spring Security. +The Spring Security X.509 module extracts the certificate by using a filter. +It maps the certificate to an application user and loads that user's set of granted authorities for use with the standard Spring Security infrastructure. + == Adding X.509 Authentication to Your Web Application Enabling X.509 client authentication is very straightforward.