Anyone know if it's remotely possible to piece together a "cert and form" custom authentication scheme?
Looking at the SDK overview, they have an SM_CRED_CERT_OR_FORM but I don't see one for the "CERT AND FORM".
The scenario I have is attempting to implement a "username hint" functionality like Windows has for logging into multiple identities with one certificate. SiteMinder currently fails this because it matches more than one user during cert mapping if that is assigned to more than one user.
I also don't want the user to have to enter a username+password, but instead just perform certificate authentication + passing the user they wish to log in as in the form. The mapping would execute the LDAP search based on both those pieces of information and match only a single user.