Hello, I have developed a web service which uses signature for authentication and message integrity checking. I have managed to get it to work after following this guide: http://wso2.org/library/3415
My challenge is: If I assume that I have a number of clients using this web service, how can I find out exactly which certificate is used to decrypt the signature? In other words, how can I find out exactly which client has sent the request based on the signature? Best regards, Tor-Erik Steinsland 92443033
