DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41883>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=41883

           Summary: use abstract wrapper instead of plain X509Certificate
                    during client authentication
           Product: Tomcat 6
           Version: unspecified
          Platform: Other
        OS/Version: other
            Status: NEW
          Severity: enhancement
          Priority: P2
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: [EMAIL PROTECTED]


After a client certificate authentication, the certificate is in
org.apache.catalina.Globals.CERTIFICATES_ATTR.

As per object-oriented coding and design principles, I'd expect that a cert
would also entail methods to e.g. check its CRL status, etc.

java.security.cert.X509Certificate unfortunately doesn't.

In order to enable programmers to use smarter extensions of the certificate
object, I suggest 
   1) Tomcat to use an extension of the X509Certificate object that has a 
      constructor with the X509Certificate as an argument
   2) add an attribute in the server.xml's Connector element such that another 
      implementation can be specified - e.g. "X509CertClass"
      (http://tomcat.apache.org/tomcat-5.5-doc/config/http.html#SSL%20Support)
  
This allows using such a smarter certificate implementation in
org.apache.catalina.authenticator.SSLAuthenticator as well as later on in the
business logic, e.g. accessed via the httpServletRequest of an MVC framework
such as Struts, by simply putting that implementation into
CATALINA_HOME/common/[lib/classes].
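
The wrapper idea in the report above, as an added Java example that is not part of the original report or of Tomcat's code: it wraps an X509Certificate by composition rather than by the proposed subclass, and only answers GOOD or REVOKED when the CRL is verifiably from the certificate's issuer and current. The class name `RevocationAwareCertificate`, the `Status` enum and the file arguments are assumptions.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
import java.util.Date;

/** Hypothetical wrapper (name is an assumption): an X509Certificate plus a CRL check. */
public final class RevocationAwareCertificate {
    public enum Status { GOOD, REVOKED, UNKNOWN }

    private final X509Certificate cert;

    public RevocationAwareCertificate(X509Certificate cert) {
        if (cert == null) throw new IllegalArgumentException("cert is null");
        this.cert = cert;
    }

    public X509Certificate getCertificate() { return cert; }

    /** Returns UNKNOWN unless the CRL is provably from this cert's issuer and current. */
    public Status crlStatus(X509CRL crl, X509Certificate issuer, Date now) {
        // The CRL must carry the same issuer name as the certificate (indirect CRLs not handled).
        if (!crl.getIssuerX500Principal().equals(cert.getIssuerX500Principal())) return Status.UNKNOWN;
        try {
            crl.verify(issuer.getPublicKey()); // reject a CRL not signed by the issuer key
        } catch (GeneralSecurityException e) {
            return Status.UNKNOWN;
        }
        // A CRL that is not yet valid, or is past nextUpdate, says nothing reliable.
        Date next = crl.getNextUpdate();
        if (now.before(crl.getThisUpdate()) || next == null || now.after(next)) return Status.UNKNOWN;
        return crl.isRevoked(cert) ? Status.REVOKED : Status.GOOD;
    }

    // Usage: java RevocationAwareCertificate client.pem issuer.pem issuer.crl (placeholder file names)
    public static void main(String[] args) throws Exception {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        try (InputStream c = new FileInputStream(args[0]);
             InputStream i = new FileInputStream(args[1]);
             InputStream r = new FileInputStream(args[2])) {
            X509Certificate client = (X509Certificate) cf.generateCertificate(c);
            X509Certificate issuer = (X509Certificate) cf.generateCertificate(i);
            X509CRL crl = (X509CRL) cf.generateCRL(r);
            System.out.println(new RevocationAwareCertificate(client).crlStatus(crl, issuer, new Date()));
        }
    }
}
```

An authenticator using such a wrapper should treat UNKNOWN as a failure to authenticate rather than as GOOD, otherwise a stale or foreign CRL silently disables the revocation check.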
