https://issues.apache.org/bugzilla/show_bug.cgi?id=56825
Bug ID: 56825
Summary: AuthenticatorBase not looking for Coyote Request
certificate
Product: Tomcat 7
Version: trunk
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: Catalina
Assignee: [email protected]
Reporter: [email protected]
When using Tomcat SSL coyote connector, the request does not by default contain
the certificate chain under the key javax.servlet.request.X509Certificate
The following coyote action must be invoked in order to extract the certificate
chain and enrich the request under the right key.
This makes it impossible to use the SSLAuthenticator with preemptive mode for
example.
Provided a test to reproduce and the fix within the patch file.
I tried to follow Tomcat guidelines and coding rules. If not lemme know so that
I can resubmit a new patch.
Not tested under Tomcat 6 and 8 but, the AuthenticatorBase does not change a
lot over versions so I guess the bug existed before Tomcat 7 and still exists
in Tomcat 8.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
