tomcat-dev mailing list archives

From Jan Luehe <Jan.Lu...@Sun.COM>
Subject How to make CLIENT-CERT protection work?
Date Thu, 16 Oct 2003 01:38:54 GMT
Consider the following scenario:

1. Client sends POST request (with content type other than
    "application/x-www-form-urlencoded") to SSL-enabled server (with
    client auth turned off).

2. Server parses request header, and determines that the resource
    identified by the request-URI is CLIENT-CERT protected.

3. Server's SSLAuthenticator valve reinitiates SSL handshake, w/
    client auth turned on.

4. The server sends its HelloRequest, and expects to read the client's
    ClientHello. However, what it gets is the POST request's body which
    hadn't been read yet.

5. SSL handshake fails.

In order to avoid this problem, SSLAuthenticator.authenticate()
"clears" the socket in the case of a POST request by reading the POST
request's body *before* reinitiating the handshake. To read the POST
body, it calls CoyoteRequest.getParameterMap(), which reads and
processes the POST body only if the content type equals

Therefore, the SSL re-handshake works according to plan if the content
type equals "application/x-www-form-urlencoded", but fails for any
other content type.

Should we always read the POST body in getParameterMap(), and cache it
in a byte[] if content type is different from
"application/x-www-form-urlencoded", and have
CoyoteRequest.getInputStream()/getReader() return wrappers around this

Any better suggestions?
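A sketch of the caching approach proposed above, added here as an example (it is neither Tomcat's code nor part of the original message): a hypothetical request wrapper that drains the whole body into a byte[] regardless of content type, bounds how much it will buffer, and serves getInputStream()/getReader() from the cached copy. It assumes the Servlet 2.x API of the time, where ServletInputStream only requires read().

```java
import java.io.*;
import javax.servlet.ServletInputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

// Hypothetical wrapper (not Tomcat code). Reads the entire POST body once,
// so the socket holds no unread bytes when the SSL handshake is reinitiated,
// then answers later getInputStream()/getReader() calls from the cached copy.
public class BufferedBodyRequest extends HttpServletRequestWrapper {
    private final byte[] body;

    // maxBytes bounds what gets buffered: an unbounded read-into-memory of a
    // client-controlled body would trade the handshake bug for a memory DoS.
    public BufferedBodyRequest(HttpServletRequest req, int maxBytes) throws IOException {
        super(req);
        int declared = req.getContentLength();
        if (declared > maxBytes) {
            throw new IOException("request body exceeds " + maxBytes + " bytes");
        }
        ByteArrayOutputStream buf = new ByteArrayOutputStream(declared > 0 ? declared : 1024);
        byte[] chunk = new byte[4096];
        InputStream in = req.getInputStream();
        int n;
        while ((n = in.read(chunk)) != -1) {      // read to end of body,
            buf.write(chunk, 0, n);                // whatever the content type
            if (buf.size() > maxBytes) {
                throw new IOException("request body exceeds " + maxBytes + " bytes");
            }
        }
        body = buf.toByteArray();
    }

    public int getBodyLength() { return body.length; }

    public ServletInputStream getInputStream() {
        final ByteArrayInputStream src = new ByteArrayInputStream(body);
        // Servlet 2.x: only read() is abstract. On Servlet 3.1+ this anonymous
        // class would also need isFinished(), isReady() and setReadListener().
        return new ServletInputStream() {
            public int read() { return src.read(); }
        };
    }

    public BufferedReader getReader() throws IOException {
        String enc = getCharacterEncoding();
        if (enc == null) enc = "ISO-8859-1";   // servlet default when none is declared
        return new BufferedReader(new InputStreamReader(getInputStream(), enc));
    }
}
```

In the scenario above the drain has to happen where the getParameterMap() call now sits, before the handshake is reinitiated; the size bound is what keeps "always read the body" from becoming a way to exhaust server memory.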
