Re: How to access X509 Certificate?
Hi, instead of Object, try with: String strX509 = new String(); strX509 = (String) req.getAttribute(javax.servlet.request.X509Certificate); if( strX509 != null ) { try { byte [] byX509 = strX509.getBytes(); //change with your security provider iaik.x509.X509Certificate xcUser = new iaik.x509.X509Certificate(byX509); Principal prDN = xcUser.getIssuerDN(); Principal prCN = xcUser.getSubjectDN(); } catch( java.security.cert.CertificateException jc) { } } Hope this may help. Tito Santini NETikos S.p.A. Via Matteucci, 34 B 56124 PISA - ITALY Tel.: + 39 050 968 671 Fax: + 39 050 968 626 mailto:[EMAIL PROTECTED] www.netikos.com - Original Message - From: Christoph Ender [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Tuesday, September 04, 2001 1:26 AM Subject: Re: How to access X509 Certificate? Christoph Ender wrote: Hey all, I'm trying to access the certificate that the user has sent to authenticate himself. I'm using the Tomcat/Apache combo. Apache correctly exports the Certificate to the SSL_CLIENT_CERT environment variable, but when I try to read javax.servlet.request.X509Certificate, Tomcat always returns null. The list of attributes is always empty. I've uncommented JkHTTPSIndicator HTTPS, JkSESSIONIndicator SSL_SESSION_ID, JkCIPHERIndicator SSL_CIPHER, JkCERTSIndicator SSL_CLIENT_CERT and set JkExtractSSL to On. I'm sure the Ajp13 protocol is used since I've disabled everything else. What am I missing here? Any help greatly appreciated! On Mon, 3 Sep 2001, jean-frederic clere wrote: What code are you using? If you're referring to versions: Tomcat is version 3.2.2, Apache 1.3.20, the servlet jar 2.2b. In case you're referring how to check for the certificate :-) : System.out.println(request.isSecure()); System.out.println(request.getProtocol()); System.out.println(request.getScheme()); System.out.println(request.getServerPort()); System.out.println(--- start headernames ---); enum = request.getHeaderNames(); while (enum.hasMoreElements()) { thisparameter = (String)enum.nextElement(); System.out.println(thisparameter); } System.out.println(--- end headernames --- ); System.out.println(--- start attributenames ---); enum = request.getAttributeNames(); while (enum.hasMoreElements()) { thisparameter = (String)enum.nextElement(); System.out.println(thisparameter); } System.out.println(--- end attributenames --- ); Object o = request.getAttribute(javax.servlet.request.X509Certificate); if (o == null) System.out.println(request.getAttribute(\javax.servlet.request.X509Certifi cate\) == null.); These lines produce the following output: true HTTP/1.0 https 443 --- start headernames --- accept accept-charset pragma accept-encoding host accept-language connection user-agent --- end headernames --- --- start attributenames --- --- end attributenames --- request.getAttribute(javax.servlet.request.X509Certificate) == null. Regards, Christoph.
Re: How to access X509 Certificate?
Christoph Ender wrote: Hey all, I'm trying to access the certificate that the user has sent to authenticate himself. I'm using the Tomcat/Apache combo. Apache correctly exports the Certificate to the SSL_CLIENT_CERT environment variable, but when I try to read javax.servlet.request.X509Certificate, Tomcat always returns null. The list of attributes is always empty. I've uncommented JkHTTPSIndicator HTTPS, JkSESSIONIndicator SSL_SESSION_ID, JkCIPHERIndicator SSL_CIPHER, JkCERTSIndicator SSL_CLIENT_CERT and set JkExtractSSL to On. I'm sure the Ajp13 protocol is used since I've disabled everything else. What am I missing here? Any help greatly appreciated! Thanks in advance, Christoph. What code are you using?
Re: How to access X509 Certificate?
Christoph Ender wrote: Hey all, I'm trying to access the certificate that the user has sent to authenticate himself. I'm using the Tomcat/Apache combo. Apache correctly exports the Certificate to the SSL_CLIENT_CERT environment variable, but when I try to read javax.servlet.request.X509Certificate, Tomcat always returns null. The list of attributes is always empty. I've uncommented JkHTTPSIndicator HTTPS, JkSESSIONIndicator SSL_SESSION_ID, JkCIPHERIndicator SSL_CIPHER, JkCERTSIndicator SSL_CLIENT_CERT and set JkExtractSSL to On. I'm sure the Ajp13 protocol is used since I've disabled everything else. What am I missing here? Any help greatly appreciated! On Mon, 3 Sep 2001, jean-frederic clere wrote: What code are you using? If you're referring to versions: Tomcat is version 3.2.2, Apache 1.3.20, the servlet jar 2.2b. In case you're referring how to check for the certificate :-) : System.out.println(request.isSecure()); System.out.println(request.getProtocol()); System.out.println(request.getScheme()); System.out.println(request.getServerPort()); System.out.println(--- start headernames ---); enum = request.getHeaderNames(); while (enum.hasMoreElements()) { thisparameter = (String)enum.nextElement(); System.out.println(thisparameter); } System.out.println(--- end headernames --- ); System.out.println(--- start attributenames ---); enum = request.getAttributeNames(); while (enum.hasMoreElements()) { thisparameter = (String)enum.nextElement(); System.out.println(thisparameter); } System.out.println(--- end attributenames --- ); Object o = request.getAttribute(javax.servlet.request.X509Certificate); if (o == null) System.out.println(request.getAttribute(\javax.servlet.request.X509Certificate\) == null.); These lines produce the following output: true HTTP/1.0 https 443 --- start headernames --- accept accept-charset pragma accept-encoding host accept-language connection user-agent --- end headernames --- --- start attributenames --- --- end attributenames --- request.getAttribute(javax.servlet.request.X509Certificate) == null. Regards, Christoph.
How to access X509 Certificate?
Hey all, I'm trying to access the certificate that the user has sent to authenticate himself. I'm using the Tomcat/Apache combo. Apache correctly exports the Certificate to the SSL_CLIENT_CERT environment variable, but when I try to read javax.servlet.request.X509Certificate, Tomcat always returns null. The list of attributes is always empty. I've uncommented JkHTTPSIndicator HTTPS, JkSESSIONIndicator SSL_SESSION_ID, JkCIPHERIndicator SSL_CIPHER, JkCERTSIndicator SSL_CLIENT_CERT and set JkExtractSSL to On. I'm sure the Ajp13 protocol is used since I've disabled everything else. What am I missing here? Any help greatly appreciated! Thanks in advance, Christoph.