Re: How to access X509 Certificate?
Hi,
instead of Object,
try with:
String strX509 = new String();
strX509 = (String)
req.getAttribute(javax.servlet.request.X509Certificate);
if( strX509 != null )
{
try
{
byte [] byX509 = strX509.getBytes();
//change with your security provider
iaik.x509.X509Certificate xcUser = new
iaik.x509.X509Certificate(byX509);
Principal prDN = xcUser.getIssuerDN();
Principal prCN = xcUser.getSubjectDN();
}
catch( java.security.cert.CertificateException jc)
{
}
}
Hope this may help.
Tito Santini
NETikos S.p.A.
Via Matteucci, 34 B
56124 PISA - ITALY
Tel.: + 39 050 968 671
Fax: + 39 050 968 626
mailto:[EMAIL PROTECTED]
www.netikos.com
- Original Message -
From: Christoph Ender [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Tuesday, September 04, 2001 1:26 AM
Subject: Re: How to access X509 Certificate?
Christoph Ender wrote:
Hey all,
I'm trying to access the certificate that the user has sent to
authenticate himself. I'm using the Tomcat/Apache combo. Apache
correctly
exports the Certificate to the SSL_CLIENT_CERT environment variable,
but
when I try to read javax.servlet.request.X509Certificate, Tomcat
always
returns null. The list of attributes is always empty.
I've uncommented JkHTTPSIndicator HTTPS, JkSESSIONIndicator
SSL_SESSION_ID,
JkCIPHERIndicator SSL_CIPHER, JkCERTSIndicator SSL_CLIENT_CERT and set
JkExtractSSL to On. I'm sure the Ajp13 protocol is used since I've
disabled everything else.
What am I missing here? Any help greatly appreciated!
On Mon, 3 Sep 2001, jean-frederic clere wrote:
What code are you using?
If you're referring to versions:
Tomcat is version 3.2.2, Apache 1.3.20, the servlet jar 2.2b.
In case you're referring how to check for the certificate :-) :
System.out.println(request.isSecure());
System.out.println(request.getProtocol());
System.out.println(request.getScheme());
System.out.println(request.getServerPort());
System.out.println(--- start headernames ---);
enum = request.getHeaderNames();
while (enum.hasMoreElements()) {
thisparameter = (String)enum.nextElement();
System.out.println(thisparameter);
}
System.out.println(--- end headernames --- );
System.out.println(--- start attributenames ---);
enum = request.getAttributeNames();
while (enum.hasMoreElements()) {
thisparameter = (String)enum.nextElement();
System.out.println(thisparameter);
}
System.out.println(--- end attributenames --- );
Object o =
request.getAttribute(javax.servlet.request.X509Certificate);
if (o == null)
System.out.println(request.getAttribute(\javax.servlet.request.X509Certifi
cate\) == null.);
These lines produce the following output:
true
HTTP/1.0
https
443
--- start headernames ---
accept
accept-charset
pragma
accept-encoding
host
accept-language
connection
user-agent
--- end headernames ---
--- start attributenames ---
--- end attributenames ---
request.getAttribute(javax.servlet.request.X509Certificate) == null.
Regards,
Christoph.
Re: How to access X509 Certificate?
Christoph Ender wrote: Hey all, I'm trying to access the certificate that the user has sent to authenticate himself. I'm using the Tomcat/Apache combo. Apache correctly exports the Certificate to the SSL_CLIENT_CERT environment variable, but when I try to read javax.servlet.request.X509Certificate, Tomcat always returns null. The list of attributes is always empty. I've uncommented JkHTTPSIndicator HTTPS, JkSESSIONIndicator SSL_SESSION_ID, JkCIPHERIndicator SSL_CIPHER, JkCERTSIndicator SSL_CLIENT_CERT and set JkExtractSSL to On. I'm sure the Ajp13 protocol is used since I've disabled everything else. What am I missing here? Any help greatly appreciated! Thanks in advance, Christoph. What code are you using?
Re: How to access X509 Certificate?
Christoph Ender wrote:
Hey all,
I'm trying to access the certificate that the user has sent to
authenticate himself. I'm using the Tomcat/Apache combo. Apache correctly
exports the Certificate to the SSL_CLIENT_CERT environment variable, but
when I try to read javax.servlet.request.X509Certificate, Tomcat always
returns null. The list of attributes is always empty.
I've uncommented JkHTTPSIndicator HTTPS, JkSESSIONIndicator SSL_SESSION_ID,
JkCIPHERIndicator SSL_CIPHER, JkCERTSIndicator SSL_CLIENT_CERT and set
JkExtractSSL to On. I'm sure the Ajp13 protocol is used since I've
disabled everything else.
What am I missing here? Any help greatly appreciated!
On Mon, 3 Sep 2001, jean-frederic clere wrote:
What code are you using?
If you're referring to versions:
Tomcat is version 3.2.2, Apache 1.3.20, the servlet jar 2.2b.
In case you're referring how to check for the certificate :-) :
System.out.println(request.isSecure());
System.out.println(request.getProtocol());
System.out.println(request.getScheme());
System.out.println(request.getServerPort());
System.out.println(--- start headernames ---);
enum = request.getHeaderNames();
while (enum.hasMoreElements()) {
thisparameter = (String)enum.nextElement();
System.out.println(thisparameter);
}
System.out.println(--- end headernames --- );
System.out.println(--- start attributenames ---);
enum = request.getAttributeNames();
while (enum.hasMoreElements()) {
thisparameter = (String)enum.nextElement();
System.out.println(thisparameter);
}
System.out.println(--- end attributenames --- );
Object o = request.getAttribute(javax.servlet.request.X509Certificate);
if (o == null)
System.out.println(request.getAttribute(\javax.servlet.request.X509Certificate\) ==
null.);
These lines produce the following output:
true
HTTP/1.0
https
443
--- start headernames ---
accept
accept-charset
pragma
accept-encoding
host
accept-language
connection
user-agent
--- end headernames ---
--- start attributenames ---
--- end attributenames ---
request.getAttribute(javax.servlet.request.X509Certificate) == null.
Regards,
Christoph.
How to access X509 Certificate?
Hey all, I'm trying to access the certificate that the user has sent to authenticate himself. I'm using the Tomcat/Apache combo. Apache correctly exports the Certificate to the SSL_CLIENT_CERT environment variable, but when I try to read javax.servlet.request.X509Certificate, Tomcat always returns null. The list of attributes is always empty. I've uncommented JkHTTPSIndicator HTTPS, JkSESSIONIndicator SSL_SESSION_ID, JkCIPHERIndicator SSL_CIPHER, JkCERTSIndicator SSL_CLIENT_CERT and set JkExtractSSL to On. I'm sure the Ajp13 protocol is used since I've disabled everything else. What am I missing here? Any help greatly appreciated! Thanks in advance, Christoph.
