Also, I've already got a custom implementation of DefaultCoreSession, can I get the certificate from the IoSession? Or should I be asking that question to the MINA list?
Thanks On Fri, Mar 13, 2015 at 7:55 AM, Marc Boorshtein <[email protected]> wrote: > >> here you have access to the certificate and this is the only place where >> you have a chance to see it, >> and if you want to store it for any other purpose then you need to extend >> server, cause certs are useless >> after establishing a secure channel. >> >>> >>> > Well thats untrue. The certificate can be used for user mapping, > authorization, etc. This is VERY common in the HTTP world. In a servlet > you can get the certificate, DN, etc from the request object. > > That being said, I have extended the server ( > http://sourceforge.net/p/myvd/code/HEAD/tree/trunk/MyVD/src/main/java/org/apache/directory/server/ldap/LdapServer.java) > mainly so I can do custom SSL implementations so I can easily create a > custom trust manager. The question becomes how can I associate the cert I > get from the trust manager to an LDAP session? Neither the trust manager > nor the keystore actually has that context. > > Thanks > Marc >
