Hello Stefan, Thanks for the confirmation. I will look into my code. I use a handler in the inflow for authorisation. This is where i try to get cert details.
I configured the apache web server with SSLOptions directive ExportCertData and StdEnvVars. I will first try the same code that you gave and see what happens. Thanks again. Kind regards, Erwin -----Original Message----- From: Chefo [mailto:[EMAIL PROTECTED] Sent: Fri 7/18/2008 11:17 AM To: axis-user@ws.apache.org Cc: Subject: Re: Getting x509 certificate info Hi Erwin, It's very strange that the servlet request is not there... I checked out the axis servlet and in AxisServlet#createMessageContext there is a line msgContext.setProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST, request); so if you are using the axis servlet you should have access to the request. I've tested this on tomcat 5.5.26 (without apache) with ssl + client certificate required, using axis2 client and I'm positive it works. The request is available and the certificate chain can be obtained from it. I think I read somewhere that if you are using an apache with the tomcat you should do some configuration in the apache so that it passes the client certificate to the tomcat... Regards, Stefan On Fri, Jul 18, 2008 at 9:05 AM, Erwin Reinhoud <[EMAIL PROTECTED]> wrote: > > Hello Stefan, > > Thanks for the reply. > > I have tried this but the HttpServletRequest seems to be always null. I > have not set up ssl trough axis2 (exept vor the part in web.xml) but in > tomcat with client authentication. Is there anything else i need to do? > > An other setup i am busy with is with apache 2.2 web server as load > ballancer/ssloffloader in front of two tomcat 6.0 instances using > mod_proxy_ajp. Can i use the same code in this case? > > Thanks again. > > Kind regards, > > Erwin > > > > > -----Original Message----- > From: Chefo [mailto:[EMAIL PROTECTED] > Sent: Thu 7/17/2008 5:09 PM > To: axis-user@ws.apache.org > Cc: > Subject: Re: Getting x509 certificate info > Hi, > > the whole http servlet request is available through the message context > > Object requestProperty = > msgContext.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST); > if (requestProperty != null && requestProperty instanceof > HttpServletRequest) { > HttpServletRequest request = (HttpServletRequest)requestProperty; > Object certificateChainAtt = > request.getAttribute("javax.servlet.request.X509Certificate"); > if (certificateChainAtt != null && certificateChainAtt instanceof > X509Certificate[]) { > X509Certificate[] certificateChain = > (X509Certificate[])certificateChainAtt > } > } > > You may wanna verify whether it is expected to have the client certificate > in case you have a security policy with transport binding and > RequireClientCertificate set... > > Regards, > Stefan > > On Thu, Jul 17, 2008 at 4:28 PM, Erwin Reinhoud <[EMAIL PROTECTED]> > wrote: > > > Hello All, > > > > I have my axis2 application running in tomcat 6.0. The endpoint is > > secured bij SSL/TLS with client authentication by use of tomcat > > server.xml en axis2 web.xml. I want to get x509 certificate info through > > an axis2 inflow handler. Is this possible and how would i go about this? > > > > Thanks in advance. > > > > Kind regards, > > Erwin > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] >
<<winmail.dat>>
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
