That's one way to do it, but it isn't the way I usually design my restlet applications.
I do all of my authentication and authorization in subclasses of the restlet API classes, which are subclasses of filter. These typically sit in front of your resources in a filter chain, which you configure in your router set up in createInboundRoute in your subclass of Application. Steps 9-12 of http://www.restlet.org/documentation/2.0/tutorial have an example that may be useful to you. But if what you have works for your situation, then it looks like you're on the right track. It just may be harder to re-use your code in other restlet applications later on. -Matt On Tue, Jun 7, 2011 at 6:31 AM, lambda daku <lambdad...@gmail.com> wrote: > Thanks for the reply. > > I have few comments on your reply. > > Usually the certificate received at the server side has atleast 2 > certificates - one is a public key of the client and the rest are "n" > trusted entries (in my case it is 1). > > As you have mentioned about the getRequest() method, where do you access it > in a resource or in a application class? I am intercepting the requests in > an application class (which extends from JaxRsApplication), whereby I am > overriding the handle(req,res) method and and getting the desired > attributes, is the following were you referring to?: > > public class MyJaxRsApplication extends JaxRsApplication{ > > @Override > public void handle(Request request, Response response) { > Map<String, Object> map = request.getAttributes(); > @SuppressWarnings("unchecked") > List<X509Certificate> lst = (List<X509Certificate>) > map.get("org.restlet.https.clientCertificates"); > //however the first item in the above list is the user's public key > //here, delegation to the authorization PEP, PAP and PIP will be made > } > .. > > } > > > Many thanks > Daku > > -- > View this message in context: > http://restlet-discuss.1400322.n2.nabble.com/fine-grained-authorization-based-on-DN-X-509-tp6444949p6448938.html > Sent from the Restlet Discuss mailing list archive at Nabble.com. > > ------------------------------------------------------ > > http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2759531 > ------------------------------------------------------ http://restlet.tigris.org/ds/viewMessage.do?dsForumId=4447&dsMessageId=2759653
