I have tried to use req.getUserPrincipal(); req.getAttribute("javax.servlet.request.X509Certificate"); and req.getAttribute("javax.net.ssl.peer_certificates");
This is specific to Tomcat 4.1 and higher, but: req.getAttribute("org.apache.coyote.request.X509Certificate");
should work. Of course, this ties your application to Tomcat and there is no guarantee that future versions of Tomcat will continue to support it (although currently 5.0 does).
You also have the option of putting the attribute name into a properties file, and updating that file based upon the container that you use. You could also use a JNDI resource which is pretty much the same thing, but may be easier to configure when moving from app server to app server.
-chris
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
