[EMAIL PROTECTED] wrote:
>
> On Tue, Apr 11, 2000, [EMAIL PROTECTED] wrote:
>
> > Full_Name: Loonis Wennael
> > Version: apache-mod_ssl-JServ-1.1-0.6.0
> > OS: Linux
> > Submission from: (NULL) (213.228.44.186)
>
> > I want to get the certificate of the SSL user. I use Servlet with
> > JServ.
> > Is there anyway to get the CGI env, like SSL_CIPHER, SSL_CLIENT_CERT, ...
> > I can only get the SSL_CLIENT_DN and SSL_CLIENT_IDN using the
> > org.apache.jserv env.
>
> Yes, there is a way. I'm not a Servlet user, so I've not remembered the
> command. But look inside the modssl-users mailing list archives. AFAIK
> this was already answered two times in the last months.
>
Sorry, I missed the 1rst question.
the latest version of Apache JServ (1.1.1b1) that you can get from
http://www.working-dogs.com/daily snapshots (or using the CVS repo from
java.apache.org) allows any env. vars to be sent over ajpv12 :
you'll have to add to jserv.conf config file :
ApJServEnvVar localName remoteName
by example:
ApJServEnvVar SSL_SESSION_ID SSL_SESSION_ID
ApJServEnvVar SSL_SERVER_CERTIFICATE SSL_SERVER_CERTIFICATE
ApJServEnvVar SSL_CLIENT_CERTIFICATE SSL_CLIENT_CERTIFICATE
ApJServEnvVar SSL_PROTOCOL SSL_PROTOCOL
The distinction between local & remote env names is a workaround for SSL
env names that were not compatible between all SSL implementations.
these env vars will be readable using :
HttpServletRequest.getAttribute()
see: https://ma-planete.net/servlets/SuperSnoop for results.
NB: this obsoletes the previous way to get them : you'll have to add
these new directives.
Jean-Luc Rochat
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
