tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefán F. Stefánsson <stef...@snote.decode.is>
Subject RE: stupid question on array return by javax.servlet.request.X509Certificateattribute
Date Mon, 18 Dec 2000 16:26:04 GMT
The idea (I think) is to have the certificate chain in there.  Your
client certificate is signed by some authority which may, in turn, be
signed by someone else and so on...
 
So you could get your client certificate as the first element, the one
who signed his certificate as the second and so on.
 
Regards,
    Stefan

-----Original Message-----
From: jerome.camilleri@bull.net [mailto:jerome.camilleri@bull.net]
Sent: 18. desember 2000 16:16
To: tomcat-dev@jakarta.apache.org
Cc: shachor@il.ibm.com; horn_ken@jpmorgan.com
Subject: stupid question on array return by
javax.servlet.request.X509Certificateattribute



Why the attribute 'javax.servlet.request.X509Certificate' return an
array of X509Certificate. 
I don't understand how it's possible because when my client choose an
certificate, he chooses only one... 
For my test array contain always one element... so is it an
specification to anticipate the future ? 

Best Regards 

>>The type is javax.servlet.request.X509Certificate[]  ?? ie an array
not a
>>single instance..





>>jerome.camilleri@bull.net on 18/12/2000 05:03:48

>>Please respond to tomcat-dev@jakarta.apache.org

>>To:   tomcat-dev@jakarta.apache.org
>>cc:   stefanf@mx1.decode.is (bcc: Ken X Horn)
>>Subject:  RE:RE:  Réf. : RE: X509 client certificate (Mr. McClanahan,
>>      please take a look at this)



>>Excuse for my determination but my problem was not solve...
>> 
>>After change my serveur.xml to clientAuth="true"  like Craig R.
McClanahan
>>said,
>>I fall again on my first exception when I try to extract the
certificate
>>request because
>>object associate with ùrequest attributes nameés
>>'javax.servlet.request.X509Certificate'
>>aren't of well-known type java.security.cert.X509Certificate but
>>[Ljava.security.cert.X509Certificate;@13a66f !!!!!

>>My snoop servlet give me this fragment information :
>>Request attributes:
>>   filters.ExampleFilter.SERVLET_MAPPED =
>>InvokerFilter(ApplicationFilterConfig[name=Servlet Mapped Filter,
>>filterClass=filters.ExampleFilter])
>>   javax.servlet.request.key-size = 40
>>   javax.servlet.request.X509Certificate =
>>[Ljava.security.cert.X509Certificate;@13a66f
>>   filters.ExampleFilter.PATH_MAPPED =
>>InvokerFilter(ApplicationFilterConfig[name=Path Mapped Filter,
>>filterClass=filters.ExampleFilter])
>>   javax.servlet.request.cipher-suite = SSL_RSA_EXPORT_WITH_RC4_40_MD5

>>and my catalina server crash on exception when I try to cast this
strange
>>objet to java.security.cert.X509Certificate
>>Exception dans le traitement de la requête sécurisée :
>>java.lang.ClassCastException: [Ljava.security.cert.X509Certificate;
>>        at SnoopServlet.doGet(SnoopServlet.java:68)
>>        at
javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
>>        at
javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
>>        at
>>org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDisp.
...


>>Any idea?

>>Best regards 

>>Jérôme 

Jérôme


Mime
View raw message