felix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Felix Meschberger (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (FELIX-4230) Enhance the Felix request SSL filter to provide the cert as a request attribute
Date Fri, 15 Nov 2013 13:27:21 GMT

    [ https://issues.apache.org/jira/browse/FELIX-4230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13823648#comment-13823648
] 

Felix Meschberger commented on FELIX-4230:
------------------------------------------

Fine with me. Thanks.

> Enhance the Felix request SSL filter to provide the cert as a request attribute
> -------------------------------------------------------------------------------
>
>                 Key: FELIX-4230
>                 URL: https://issues.apache.org/jira/browse/FELIX-4230
>             Project: Felix
>          Issue Type: Improvement
>          Components: HTTP Service
>            Reporter: Timothee Maret
>            Assignee: Felix Meschberger
>             Fix For: http-2.2.2
>
>
> The HTTP SSL Filter allows simulating an HTTPS request on a system sitting behind an
SSL terminating proxy. The proxy forwards SSL information to the system and the filter resurrects
the SSL behavior for the web application.
> Apart from just resurrecting the fact that the original request was secure, it is sometimes
also required to get at the client's certificate (if provided) used on the HTTPS session.
> The expectation is that the SSL terminating proxy provides the certificate in linearized
(line breaks replaced by single blanks) PEM format in the "X-Forwarded-SSL-Certificate" header.
The filter will convert this header value in an X509Certificate[] array to be set as the "javax.servlet.request.X509Certificate"
request attribute as defined by the servlet API specification.



--
This message was sent by Atlassian JIRA
(v6.1#6144)

Mime
View raw message