Thanks for the suggestion. I'll give this a try and let you know how it works.
-- Jim Wong ([EMAIL PROTECTED]) -----Original Message----- From: Wagle, Shriniwas [mailto:[EMAIL PROTECTED] Sent: Thursday, October 14, 2004 10:10 AM To: [EMAIL PROTECTED] Subject: RE: SSL Client Auth with Tomcat and Axis What you are attempting is a good idea. I have not tried this, but what I'd try is: 1. Get the axis message context. I believe you'll have to setup a Handler to do that. 2. Once you have the message context, you can get to the http servlet request from it using one of the properties listed in HTTPConstants.*. 3. Then use the request.getAttribute ("javax.servlet.request.X509Certificate") to get the client cert. 4. From the cert you can get all sorts of client information. I had been planning to do this, but never actually got around to trying it out. So a bit curious and would be keen on knowing the results you got. Thanks -----Original Message----- From: Jim Wong [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 13, 2004 7:52 PM To: [EMAIL PROTECTED] Subject: SSL Client Auth with Tomcat and Axis On a somewhat related note, I'm just getting started on trying to build an application using Axis, Tomcat and SSL. I would like to use client authentication, but I haven't been able to find documentation that explains how (assuming it's possible) one could access information from the client's certificate from within a web service or handler. Am I missing something blindingly obvious? As I mentioned, I'm new to this, so it's distinctly possible... -- Jim Wong ([EMAIL PROTECTED]) -----Original Message----- From: Hubble, Christopher [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 12, 2004 5:58 AM To: '[EMAIL PROTECTED]' Subject: RE: 2 way SSL with Axis and Tomcat as a Service I pretty much used this guide (and the new chapter it links to) to do it. http://www.pankaj-k.net/WSOverSSL/WSOverSSL-HOWTO.html Pretty much everything you need to know is in the SSL section of the new chapter. It starts on page 16 of the pdf. You gen your keystores and truststores, making sure to place them on the appropriate machines. Then change server.xml. I didn't use JCEKS and all of my stuff works. The hard part was installing Tomcat as a service with the truststore attribute set. For some reason, Tomcat doesn't let you set it in server.xml. Then you just modify your client to use https and include the keystore and truststore. Other than a typo, the CL version worked perfectly. I had to just play around with tomcat.exe to get it installed as a service, tho. Chris -----Original Message----- From: Silvano Maffeis [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 12, 2004 2:30 AM To: [EMAIL PROTECTED] Subject: Re: 2 way SSL with Axis and Tomcat as a Service Hubble, Christopher wrote: >Welp, after much trial and tribulation, I finally got axis using 2 way ssl. >This required me to custom set up tomcat as a service, and I finally >got that working. Once I get my code all cleaned up, I'll post the >relavent details. > >Chris > > That would be much appreciated, thanks :-) Silvano This e-mail and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return e-mail, do not forward this email to any other person, delete this e-mail and destroy all copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal. This e-mail and any attachments may contain confidential and privileged information. If you are not the intended recipient, please notify the sender immediately by return e-mail, do not forward this email to any other person, delete this e-mail and destroy all copies. Any dissemination or use of this information by a person other than the intended recipient is unauthorized and may be illegal.
