tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christoph Ender <chrli...@moondock.org>
Subject Re: How to access X509 Certificate?
Date Mon, 03 Sep 2001 23:26:15 GMT


> Christoph Ender wrote:
> > Hey all,
> > I'm trying to access the certificate that the user has sent to
> > authenticate himself. I'm using the Tomcat/Apache combo. Apache correctly
> > exports the Certificate to the "SSL_CLIENT_CERT" environment variable, but
> > when I try to read "javax.servlet.request.X509Certificate", Tomcat always
> > returns null. The list of attributes is always empty.
> > I've uncommented JkHTTPSIndicator HTTPS, JkSESSIONIndicator SSL_SESSION_ID,
> > JkCIPHERIndicator SSL_CIPHER, JkCERTSIndicator SSL_CLIENT_CERT and set
> > JkExtractSSL to On. I'm sure the Ajp13 protocol is used since I've
> > disabled everything else.
> > What am I missing here? Any help greatly appreciated!

On Mon, 3 Sep 2001, jean-frederic clere wrote:
> What code are you using?

If you're referring to versions:
 Tomcat is version 3.2.2, Apache 1.3.20, the servlet jar 2.2b.

In case you're referring how to check for the certificate :-) :
    System.out.println(request.isSecure());
    System.out.println(request.getProtocol());
    System.out.println(request.getScheme());
    System.out.println(request.getServerPort());

    System.out.println("--- start headernames ---");
    enum = request.getHeaderNames();
    while (enum.hasMoreElements()) {
      thisparameter = (String)enum.nextElement();
      System.out.println(thisparameter);
    }
    System.out.println("--- end headernames --- ");

    System.out.println("--- start attributenames ---");
    enum = request.getAttributeNames();
    while (enum.hasMoreElements()) {
      thisparameter = (String)enum.nextElement();
      System.out.println(thisparameter);
    }
    System.out.println("--- end attributenames --- ");

    Object o = request.getAttribute("javax.servlet.request.X509Certificate");
    if (o == null)
      System.out.println("request.getAttribute(\"javax.servlet.request.X509Certificate\")
== null.");



These lines produce the following output:

true
HTTP/1.0
https
443
--- start headernames ---
accept
accept-charset
pragma
accept-encoding
host
accept-language
connection
user-agent
--- end headernames ---
--- start attributenames ---
--- end attributenames ---
request.getAttribute("javax.servlet.request.X509Certificate") == null.




Regards,
Christoph.




Mime
View raw message