On Thu, May 14, 2009 at 7:20 AM, David Meiklejohn <[email protected]>wrote:
> Hello, > > I am attempting to figure out if it is possible to retrieve certificate > information that was sent by the client as part of a web service request. > The catch is it isn't using WS Security, it is simply HTTP authentication > with the certificate. > > What I am trying to achieve is basically this: > > A client sends a request to a web service with their certificate as part of > the request. > The server verifies that it trusts the certificate. > The web service uses the certificate information to figure out who the > client is and then send that client ID information down the line to other > systems. > > I was able to find some information on using MessageContext to get the > HttpServletRequest which then you are supposed to be able to get the > certificate used by calling getAttribute on the request. However, I couldn't > find any information on doing this in Axis2. I am not familiar with you situation. But any thing you can do with a servlet can be done with an Axis2 service once you get the HttpServletRequest. thanks, Amila. > > > This solution will likely be deployed in JBoss but it could potentially end > up in Tomcat. Is it possible to do what I am attempting to do with Axis2? Or > should I be looking for another solution to achieve this? Is there any > software that will provide functionality similar to what I am after? > > Any help will be greatly appreciated. > > Regards, > David > -- Amila Suriarachchi WSO2 Inc. blog: http://amilachinthaka.blogspot.com/
