How (in which version(s) of servlets?) do I discover security details
beyond the basics revealed by HttpServletRequest.getAuthType,
getUserPrincipal, isSecure, and isUserInRole? In particular, I'd like to
get (1) the X.509 certificate, if any, presented by a client using SSL/TLS,
(2) the details negotiated for an SSL/TLS connection, and (3) the Windows
AccessToken (or a suitable precursor) produced by an NTLM-flavored HTTP
authentication interaction.
Thanks,
Mike Spreitzer <[EMAIL PROTECTED]>
http://parcweb.parc/spreitze/ (Xerox internal)
http://www.parc.xerox.com/spreitze/ (external)
+1-650-812-4833
___________________________________________________________________________
To unsubscribe, send email to [EMAIL PROTECTED] and include in the body
of the message "signoff SERVLET-INTEREST".
Archives: http://archives.java.sun.com/archives/servlet-interest.html
Resources: http://java.sun.com/products/servlet/external-resources.html
LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
