The first step is to set needs-client-auth="true" in your <ssl-config> tag.
The next step is to add/configure the user (client). There is a sample of
how to do this in the demo/ssl/ssl-user-registration.jsp file. Note that
this file still uses the UserManager directly - presently we recommend going
thru the RoleManager to abstract role relationships etc (as shown in the
ATM demo) but the same general principle still applies.
The actual line for getting the request certificate (used in that file) is:

  java.security.cert.X509Certificate cert =
      (java.security.cert.X509Certificate) request.getAttribute("javax.servlet.request.X509Certificate");

which gives you the certificate used to make the request.
We will expand the ATM demo to support cert-based auth in order to
show this "live".
Hope it helps.
/Magnus Stenman, the Orion team
----- Original Message -----
From: "Ariel Aramburu" <[EMAIL PROTECTED]>
To: "Orion-Interest" <[EMAIL PROTECTED]>
Cc: "Magnus Stenman" <[EMAIL PROTECTED]>
Sent: Wednesday, March 08, 2000 5:12 PM
Subject: How do I read the client digital certificate's info in a servlet ?
> Hi !!!
>
> I made a test site with Orion 0.9.4 where I enforce double
> authentication, so that BOTH the client and the server are forced to
> interchange certificates. I would like to read in the server, that is,
> orion, the contents of the digital certificate presented. How do I do that ?
>
>
>
> Thanks/tack !
>
>
> Ariel/
>
>
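
Added example (not part of the original messages, and not Orion code): a small helper for the request-attribute lookup described in the reply above. It goes beyond the single-certificate cast shown there by also accepting the X509Certificate[] form that the Servlet 2.2 and later specifications define for this attribute; the class and method names are hypothetical.

```java
import java.security.MessageDigest;
import java.security.cert.X509Certificate;

// Added example, not Orion code. ClientCertInfo, leaf() and describe() are hypothetical names.
// Call from a servlet or JSP as:
//   ClientCertInfo.describe(request.getAttribute(ClientCertInfo.ATTR))
public final class ClientCertInfo {
    public static final String ATTR = "javax.servlet.request.X509Certificate";

    /** Normalises the attribute value to the client's own (leaf) certificate, or null. */
    static X509Certificate leaf(Object attr) {
        if (attr instanceof X509Certificate) {
            return (X509Certificate) attr;             // single object, as in the cast in the reply
        }
        if (attr instanceof X509Certificate[]) {
            X509Certificate[] chain = (X509Certificate[]) attr;
            return chain.length > 0 ? chain[0] : null; // the client's certificate comes first
        }
        return null;                                   // plain HTTP, or no certificate presented
    }

    /** Returns a printable summary; throws if the certificate is expired or not yet valid. */
    public static String describe(Object attr) throws Exception {
        X509Certificate cert = leaf(attr);
        if (cert == null) {
            // With needs-client-auth="true" this should not happen on the SSL site;
            // treat it as unauthenticated rather than falling through.
            return "no client certificate on this request";
        }
        cert.checkValidity(); // CertificateExpiredException / CertificateNotYetValidException
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(cert.getEncoded());
        StringBuilder fp = new StringBuilder();
        for (byte b : digest) {
            fp.append(String.format("%02X", b));
        }
        return "subject=" + cert.getSubjectX500Principal().getName()
             + "\nissuer=" + cert.getIssuerX500Principal().getName()
             + "\nserial=" + cert.getSerialNumber().toString(16)
             + "\nnotAfter=" + cert.getNotAfter()
             + "\nsha256=" + fp;
    }
}
```

When mapping a certificate to a user account, keying on the full subject DN together with the issuer (or on the fingerprint) avoids matching a same-named certificate from a different CA.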