Re: authenticate with java servlets

Fri, 21 Mar 2003 03:46:39 -0800 

Hi!

Yes, i tried it before:
java.security.cert.X509Certificate certt =
(java.security.cert.X509Certificate)request.getAttribute("javax.servlet.requ
est.X509Certificate");
but it's still return null.

Is it possible if user authenticate to web then Apache saves user cert to
some directory
and later servlet can read this cert from that directory?

> Hi,
> with tomcat 3.2.1 you may try with:
>
> String strX509 = req.getAttribute("javax.servlet.request.X509Certificate")
> Certificate cert = new X509Certificate(strX509.getBytes() );
>
> if it doesn't work, you could try with (as servlet specs says):
>
> Object obj = req.getAttribute("javax.servlet.request.X509Certificate")
> Certificate cert = null;
> if(obj instanceof  String)
> {
>     String strX509 = (String)obj;
>     cert  = new X509Certificate(strX509.getBytes() );
> }
> else
> {
>     cert = (Certificate)obj;
> }
>
> Hope this helps.
> Tito.
>
> ----- Original Message -----
> From: "Erki Kriks" <[EMAIL PROTECTED]>
> To: "Tomcat Users List" <[EMAIL PROTECTED]>
> Sent: Friday, March 21, 2003 9:42 AM
> Subject: authenticate with java servlets
>
>
> > Hello!
> >
> > I'm using OpenSA (Apache 1.3), Tomcat 3.2.1 and mod_jk.
> > For SSL i red that ajp13 is needed (not ajp12).
> >
> > So i get run Tomcat under Apache SSL.
> > I authenticate user with Apache SSL, but when i read authenticate
> variables
> > then i always get null.
> > String subject = request.getHeader( "CERT_SUBJECT" );
> > String issuer = request.getHeader( "CERT_ISSUER" );
> > String issuer = request.getHeader( "SSL_CLIENT_CERT" );
> >
> > Specification also says that in httpd.conf ajp13 declarations is needed,
> > like so:
> > JkExtractSSL On
> > JkHTTPSIndicator HTTPS
> > JkSESSIONIndicator SSL_SESSION_ID
> > JkCIPHERIndicator SSL_CIPHER
> > JkCERTSIndicator SSL_CLIENT_CERT
> >
> >
> > Can anybody expert exactly explain what exactly is needed to read certs
> with
> > java servlets?
> >
> > Many thanx!
> > Erki
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to