Hi,
instead of "Object",
try with:
String strX509 = new String();
strX509 = (String)
req.getAttribute("javax.servlet.request.X509Certificate");
if( strX509 != null )
{
try
{
byte [] byX509 = strX509.getBytes();
//change with your security provider
iaik.x509.X509Certificate xcUser = new
iaik.x509.X509Certificate(byX509);
Principal prDN = xcUser.getIssuerDN();
Principal prCN = xcUser.getSubjectDN();
}
catch( java.security.cert.CertificateException jc)
{
}
}
Hope this may help.
Tito Santini
NETikos S.p.A.
Via Matteucci, 34 B
56124 PISA - ITALY
Tel.: + 39 050 968 671
Fax: + 39 050 968 626
mailto:[EMAIL PROTECTED]
www.netikos.com
----- Original Message -----
From: "Christoph Ender" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Sent: Tuesday, September 04, 2001 1:26 AM
Subject: Re: How to access X509 Certificate?
>
>
> > Christoph Ender wrote:
> > > Hey all,
> > > I'm trying to access the certificate that the user has sent to
> > > authenticate himself. I'm using the Tomcat/Apache combo. Apache
correctly
> > > exports the Certificate to the "SSL_CLIENT_CERT" environment variable,
but
> > > when I try to read "javax.servlet.request.X509Certificate", Tomcat
always
> > > returns null. The list of attributes is always empty.
> > > I've uncommented JkHTTPSIndicator HTTPS, JkSESSIONIndicator
SSL_SESSION_ID,
> > > JkCIPHERIndicator SSL_CIPHER, JkCERTSIndicator SSL_CLIENT_CERT and set
> > > JkExtractSSL to On. I'm sure the Ajp13 protocol is used since I've
> > > disabled everything else.
> > > What am I missing here? Any help greatly appreciated!
>
> On Mon, 3 Sep 2001, jean-frederic clere wrote:
> > What code are you using?
>
> If you're referring to versions:
> Tomcat is version 3.2.2, Apache 1.3.20, the servlet jar 2.2b.
>
> In case you're referring how to check for the certificate :-) :
> System.out.println(request.isSecure());
> System.out.println(request.getProtocol());
> System.out.println(request.getScheme());
> System.out.println(request.getServerPort());
>
> System.out.println("--- start headernames ---");
> enum = request.getHeaderNames();
> while (enum.hasMoreElements()) {
> thisparameter = (String)enum.nextElement();
> System.out.println(thisparameter);
> }
> System.out.println("--- end headernames --- ");
>
> System.out.println("--- start attributenames ---");
> enum = request.getAttributeNames();
> while (enum.hasMoreElements()) {
> thisparameter = (String)enum.nextElement();
> System.out.println(thisparameter);
> }
> System.out.println("--- end attributenames --- ");
>
> Object o =
request.getAttribute("javax.servlet.request.X509Certificate");
> if (o == null)
>
System.out.println("request.getAttribute(\"javax.servlet.request.X509Certifi
cate\") == null.");
>
>
>
> These lines produce the following output:
>
> true
> HTTP/1.0
> https
> 443
> --- start headernames ---
> accept
> accept-charset
> pragma
> accept-encoding
> host
> accept-language
> connection
> user-agent
> --- end headernames ---
> --- start attributenames ---
> --- end attributenames ---
> request.getAttribute("javax.servlet.request.X509Certificate") == null.
>
>
>
>
> Regards,
> Christoph.
>
>
