From bugzi...@apache.org
Subject DO NOT REPLY [Bug 35229] - alert user about expired certificates in client cert authentication in an understandable way
Date Fri, 09 Dec 2005 20:46:46 GMT

http://issues.apache.org/bugzilla/show_bug.cgi?id=35229


hauser@acm.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|WONTFIX                     |




------- Additional Comments From hauser@acm.org  2005-12-09 21:46 -------
OK, here comes a proposal:

1) in org.apache.coyote.http11.Http11Processor.action() in 
...
        } else if (actionCode == ActionCode.ACTION_REQ_SSL_CERTIFICATE) {
            if( sslSupport != null) {
                /*
                 * Consume and buffer the request body, so that it does not
                 * interfere with the client's handshake messages
                 */
                InputFilter[] inputFilters = inputBuffer.getFilters();
                ((BufferedInputFilter) inputFilters[Constants.BUFFERED_FILTER])
                    .setLimit(maxSavePostSize);
                inputBuffer.addActiveFilter
                    (inputFilters[Constants.BUFFERED_FILTER]);
                try {
                    Object sslO = sslSupport.getPeerCertificateChain(true);
                    if( sslO != null) {
                        request.setAttribute
                            (SSLSupport.CERTIFICATE_KEY, sslO);
                    }
                } catch (Exception e) {
                    log.warn(sm.getString("http11processor.socket.ssl"), e);
                    // todo: HERE you need to throw that exception again!
                }
            }

2) in interface
   org.apache.coyote.ActionHook.action(ActionCode actionCode, Object param)
   an exception must be thrown!

3) in org.apache.catalina.authenticator.SSLAuthenticator.authenticate(Request
   request, Response response, LoginConfig config),
   after
request.getCoyoteRequest().action(
                    ActionCode.ACTION_REQ_SSL_CERTIFICATE, null);
in the catch-block put the exception into the request:
possibly something like

              request.getCoyoteRequest().setAttribute(
                    "SSLAuthenticator-Exception", e);

then return "true"; otherwise, the web-application programmer will never see it.

Then, back in the web-application, we could analyze the exception and display an
appropriate i18n error message.

I guess the challenge will be to make this fail-safe: how do we prevent the
negligent web-application programmer from believing the client cert auth was
successful?

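The following is an added example, not code from Tomcat or from the comment above. It models the proposal's last two steps in plain Java: the caught handshake exception is stored under the proposed "SSLAuthenticator-Exception" attribute, the cause chain is mapped to an i18n message key, and a separate check shows how an application can stay fail-safe by trusting only the presence of a principal rather than the boolean returned by authenticate(). DemoRequest is a stand-in for the servlet request (not Tomcat's Request class), the message keys and the "CN=demo-user" principal are invented, and the expired-certificate failure is constructed inline.

```java
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.util.HashMap;
import java.util.Map;
import javax.net.ssl.SSLHandshakeException;

/**
 * Minimal stand-in for the servlet request (assumption: this is NOT Tomcat's
 * Request class). It only carries attributes and the authenticated principal.
 */
final class DemoRequest {
    /** Attribute name proposed in the bug comment. */
    static final String EXCEPTION_ATTR = "SSLAuthenticator-Exception";

    private final Map<String, Object> attributes = new HashMap<>();
    private String principal; // stays null unless client-cert auth really succeeded

    void setAttribute(String name, Object value) { attributes.put(name, value); }
    Object getAttribute(String name) { return attributes.get(name); }
    void setPrincipal(String dn) { principal = dn; }
    String getPrincipal() { return principal; }
}

public final class ClientCertErrorDemo {

    /**
     * Walks the cause chain of a failed client-cert handshake and picks an
     * i18n message key (the keys are invented for this example). The most
     * specific certificate problem wins, so an expired certificate is reported
     * as such instead of as a generic handshake failure.
     */
    static String messageKeyFor(Throwable failure) {
        for (Throwable t = failure; t != null; t = t.getCause()) {
            if (t instanceof CertificateExpiredException) return "clientcert.expired";
            if (t instanceof CertificateNotYetValidException) return "clientcert.notYetValid";
            if (t instanceof CertificateException) return "clientcert.invalid";
        }
        return failure instanceof SSLHandshakeException
                ? "clientcert.handshakeFailed" : "clientcert.unknown";
    }

    /**
     * Hypothetical authenticator step following the proposal: on failure the
     * exception is stored on the request and the method returns true so the
     * application can render a message. No principal is set on failure.
     */
    static boolean authenticate(DemoRequest req, Throwable handshakeFailure) {
        if (handshakeFailure == null) {
            req.setPrincipal("CN=demo-user"); // constructed value
            return true;
        }
        req.setAttribute(DemoRequest.EXCEPTION_ATTR, handshakeFailure);
        return true;
    }

    /**
     * Fail-safe check for the application: the boolean from authenticate()
     * must not be mistaken for success. Only a principal with no recorded
     * failure counts as authenticated.
     */
    static boolean isAuthenticated(DemoRequest req) {
        return req.getPrincipal() != null
                && req.getAttribute(DemoRequest.EXCEPTION_ATTR) == null;
    }

    public static void main(String[] args) {
        // Constructed failure: handshake aborted because the client cert expired.
        SSLHandshakeException expired =
                new SSLHandshakeException("Received fatal alert: certificate_expired");
        expired.initCause(new CertificateExpiredException("NotAfter in the past (constructed)"));

        DemoRequest bad = new DemoRequest();
        boolean returned = authenticate(bad, expired);
        Throwable stored = (Throwable) bad.getAttribute(DemoRequest.EXCEPTION_ATTR);
        System.out.println("authenticate() returned " + returned
                + ", isAuthenticated=" + isAuthenticated(bad)
                + ", messageKey=" + messageKeyFor(stored));

        DemoRequest good = new DemoRequest();
        authenticate(good, null);
        System.out.println("valid cert: isAuthenticated=" + isAuthenticated(good));
    }
}
```

The point of isAuthenticated() is the fail-safe the comment asks about: if authenticate() returns true merely so the application can show an error page, the application must decide access on the principal and the absence of the stored exception, never on that return value alone. The message key lookup is kept separate so the localized text can be chosen in the web application, as the proposal intends.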