felix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "J.W. Janssen (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FELIX-4230) Enhance the Felix request SSL filter to provide the cert as a request attribute
Date Fri, 15 Nov 2013 13:19:21 GMT

    [ https://issues.apache.org/jira/browse/FELIX-4230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13823628#comment-13823628

J.W. Janssen commented on FELIX-4230:

Added some additional logging and exception handling in rev.#1542257. Also did some monkey
tests on the code and did not find anything strange. Can we close this issue to be included
in HTTP-2.2.2?

> Enhance the Felix request SSL filter to provide the cert as a request attribute
> -------------------------------------------------------------------------------
>                 Key: FELIX-4230
>                 URL: https://issues.apache.org/jira/browse/FELIX-4230
>             Project: Felix
>          Issue Type: Improvement
>          Components: HTTP Service
>            Reporter: Timothee Maret
>            Assignee: Felix Meschberger
>             Fix For: http-sslfilter-1.0.0
> The HTTP SSL Filter allows simulating an HTTPS request on a system sitting behind an
SSL terminating proxy. The proxy forwards SSL information to the system and the filter resurrects
the SSL behavior for the web application.
> Apart from just resurrecting the fact that the original request was secure, it is sometimes
also required to get at the client's certificate (if provided) used on the HTTPS session.
> The expectation is that the SSL terminating proxy provides the certificate in linearized
(line breaks replaced by single blanks) PEM format in the "X-Forwarded-SSL-Certificate" header.
The filter will convert this header value in an X509Certificate[] array to be set as the "javax.servlet.request.X509Certificate"
request attribute as defined by the servlet API specification.

This message was sent by Atlassian JIRA

View raw message