Hi On Wed, Dec 29, 2010 at 5:40 PM, mohamadan <[email protected]> wrote:
> > Hi, > We have Client code talking to Server deployed on Apache CXF. Client uses > (https + client certificate) to connect with server using JAX-WS or JAX-RS. > > We are trying to figure out if it is possible to retrieve "Client > certificate" on the server using an interceptor ? Is it possible to do so ? > Please advice. > > You can get a current CXF SecurityContext from a message like this : (SecurityContext)message.get(org.apache.cxf.security.SecurityContext.class) and then access a current Principal - the instance can probably be cast to some container-specific class that might provide more information about the client certs... Just in case, the actual HttpServletRequest can be retrieved from the message using an AbstractHttpDestination.HTTP_REQUEST key... cheers, Sergey Thank you. > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/Access-Client-Certificate-on-Server-side-tp3321582p3321582.html > Sent from the cxf-user mailing list archive at Nabble.com. >
