Hello, I try many code for getting client certificate in a servlet but nothing works ! I have : Linux RedHat 6.1 Apache WebServer 1.3.12 JServ 1.1.2 apparently, the way for getting certificate infos depends on the webserver ?! ... Please help me ! :-) Thierry -----Original Message----- From: Traian Tirzaman [mailto:[EMAIL PROTECTED]] Sent: Friday, August 25, 2000 10:03 PM To: BERWART Thierry Subject: Re: Request/read digital certificates from java From JavaSoft.com Hi Thierry, Here's some code snippets that you could use to read a digital certificate from java code (servlets): // some imports .... import java.io.*; import java.util.*; import java.security.*; import javax.servlet.*; import javax.servlet.http.*; //import java.security.cert.X509Certificate; import sun.security.x509.*; String cipherSuite = (String)req.getAttribute("javax.net.ssl.cipher_suite"); X509Cert[] certChain = (X509Cert[])req.getAttribute("javax.net.ssl.peer_certificates"); for(int i = 0; i < certChain.length; ++i) { X509Cert cert = (X509Cert)certChain[i]; Principal p = cert.getPrincipal(); out.println("Principal for this certificate: " + p.getName()); out.println("Looking for \"CN=Joe Doe\" ...."); if(p.getName().indexOf("CN=joe doe") != -1) { out.println("joe doe has been authenticated SUCCESSFULLY !!!!"); } Once you get the "X509Cert" object you can call a lot of different methods on it to get data and check it against whatever your security model is. I wrote this code awhile ago, so you may want to check it against newer classes, methods, etc. Good luck ! --- BERWART Thierry <[EMAIL PROTECTED]> wrote: > Hello, > > I saw your message in "Java programming" forum. > And i have the same question/problem and i think you > can help me !! > > did you find any answers ?? > > thanks ! > > Thierry > > > >>Is it possible to request and read a digital > certificate from Java > (servlets) code ? I'd like to turn off the digital > certificate > >>authentication done by the Web server and from a > java servlet, request a > client certificate and read it. > >>Any help would be greatly appreciated. > >>P.S. My e-mail: [EMAIL PROTECTED] ===== Traian Tirzaman __________________________________________________ Do You Yahoo!? Yahoo! Mail - Free email you can access from anywhere! http://mail.yahoo.com/ ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
