To whoever can help:
I have an application which requires certificates, and a bunch of
servlets which don't. In my application I need to determine the
originating client of the certificate-based connection
(which comes from an enterprise application). I can do this if I can
get access to either the request Principal, or the certificate itself.
I have tried to use
req.getUserPrincipal();
req.getAttribute("javax.servlet.request.X509Certificate"); and
req.getAttribute("javax.net.ssl.peer_certificates");
all return null unless CLIENT-AUTH=true in server.xml is set,
(in which case the x509cert attribute returns the cert chain the rest
always return null)
but this requires certificates for all access which is what I don't
want.
I also tried setting <Valve
className="org.apache.catalina.valves.CertificatesValve"
certificates="true" debug="1"/>
in the context for the application but it didn't seem to help.
I've also tried various combinations with CLIENT-CERT authorization in
the
deployment descriptor for the application.
Some of the combinations simly block the interaction (saying no
client-cert presented, when there is one.)
I'm running 4.1.24 and 4.1.27 on XP Pro and Win2000.
Can anyone help?
Thanks,
Bill
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
