cac-agent (Common Access Card Integration for Developers)

Overview

This package has the following major components:

cac-ssl-relay: A local daemon that transparently wraps traffic with a CAC-protected TLS tunnel
- Client applications can access the remote, CAC-protected services without any direct CAC integration
- When you connect through this daemon, you're only prompted for a CAC PIN on the first request
- This works great with private SSL/TLS-protected services including Git, Maven, NPM, and Docker
  - In the case of Docker, you'll have to make sure that you setup local SSL or else the server can get confused by the transition between HTTP and HTTPS
cac-jgit: A version of the jGit CLI with bundled CAC support
- This works as a standalone replacement for command line Git, without the need for cac-ssl-relay
- Note that jGit is missing a handful of convenience commands, such as git pull (instead you have to run jgit fetch then git merge ... explicitly).

NOTE: If you are just looking for CAC integration for git on Windows, you might try Github Desktop. It integrates with the Windows Certifcate Manager. Thus, if your CAC is already configured and working for IE/Edge, it should work with Github Desktop. To prevent Github Desktop from changing LF to CRLF on checkout you can configure git:

 git config core.eol lf
 git config core.autocrlf input

cac-agent: A generalized CAC integration for Java
- You can use this libary to add a Swing-popup or CLI-prompt to select/use a CAC certificate for SSL (HTTPS) operations This especially useful if your card has more than one certificate, otherwise Java always uses the first certificate.
- The apps above depend upon this library
- This library is available from the cac-agent Maven repo

Quick Start

Setup cac-agent (required for cac-ssl-relay and cac-jgit):

Ensure that you're running JRE 8 or 10+ (9 may not work)
Download the the latest binary from the GitHub Maven repo.
- cac-ssl-relay: Get the cac-ssl-relay-XXX-jar-with-dependencies.jar file
- cac-jgit: Get the cac-jgit-XXX-jar-with-dependencies.jar file
Create the cac-agent Truststore
Configure
- Configure cac-agent for Linux
- Configure cac-agent for Windows

Using cac-agent:

Other Notes

Text-Only Mode (instead of a the graphical interface)
Storing Username/Password (skipping prompt)
Setting Up PKCS11 CAC Drivers in Ubuntu 16
Profile Support (multiple cac-agent configurations)
Using cac-agent with Older JGit Releases

Name		Name	Last commit message	Last commit date
Latest commit History 251 Commits
.circleci		.circleci
.mvn/wrapper		.mvn/wrapper
cac-agent		cac-agent
cac-jgit		cac-jgit
cac-ssl-relay		cac-ssl-relay
docs		docs
src/main/java/com/moesol/cac/agent/smartcard		src/main/java/com/moesol/cac/agent/smartcard
.bookignore		.bookignore
.gitattributes		.gitattributes
.gitignore		.gitignore
Building-cac-agent.md		Building-cac-agent.md
LICENSE-2.0.txt		LICENSE-2.0.txt
README.md		README.md
mvnw		mvnw
mvnw.cmd		mvnw.cmd
pom.xml		pom.xml
public-settings.xml		public-settings.xml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

cac-agent (Common Access Card Integration for Developers)

Overview

Quick Start

Other Notes

Notes to cac-agent Developers

About

Releases 2

Packages

Contributors 9

Languages

MoebiusSolutions/cac-agent

Folders and files

Latest commit

History

Repository files navigation

cac-agent (Common Access Card Integration for Developers)

Overview

Quick Start

Other Notes

Notes to cac-agent Developers

About

Resources

Stars

Watchers

Forks

Releases 2

Packages 0

Contributors 9

Languages

Packages