Hello, I am attempting to figure out if it is possible to retrieve certificate information that was sent by the client as part of a web service request. The catch is it isn't using WS Security, it is simply HTTP authentication with the certificate.
What I am trying to achieve is basically this: A client sends a request to a web service with their certificate as part of the request. The server verifies that it trusts the certificate. The web service uses the certificate information to figure out who the client is and then send that client ID information down the line to other systems. I was able to find some information on using MessageContext to get the HttpServletRequest which then you are supposed to be able to get the certificate used by calling getAttribute on the request. However, I couldn't find any information on doing this in Axis2. This solution will likely be deployed in JBoss but it could potentially end up in Tomcat. Is it possible to do what I am attempting to do with Axis2? Or should I be looking for another solution to achieve this? Is there any software that will provide functionality similar to what I am after? Any help will be greatly appreciated. Regards, David
