Hi all, Can I retrieve the SSL client certificate from an incoming request and use it in another one?
Let me explain the background: We have implemented a server that only accepts SOAP requests. The purpose of this server is to act as a job dispatcher for a cluster of N machines. The jobs to execute are defined by the users, so we designed it to have a public API (accesed via SOAP calls), with which we can define jobs, upload executable files and resources and control execution in the cluster. Currently, it uses basic authentication for all connections, but we are planning to pass to a two-way SSL authentication model in a short time. Users access this server through different front-ends, ones more specialized than others. Some of them are themselves web applications. We want our front-end to capture the client certificate from a request, and use it to authenticate itself in its calls to our SOAP server. We need this capability, because each user can have different permissions, and we don't want all connections through the front-end to be made with a common certificate. Also, we want to avoid the need to "register" the clients in our front-end, as it should act as a simple proxy to our soap service. Is this possible from a servlet? We are now using Tomcat 3.3.1, and migrating to 4.1.12 for client certificate authentication support. Any help would be appreciated -- GRIDSYSTEMS Rodrigo Ruiz Aguayo Parc Bit - Son Espanyol Analista Programador 07120 Palma de Mallorca [EMAIL PROTECTED] Baleares - Espa�a Tel:+34-971435085 www.gridsystems.com Fax:+34-971435082 -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
