Re: authenticate with java servlets

Fri, 21 Mar 2003 04:32:00 -0800 

By the way, thank you, i get the user cert at last:)
String cert =
request.getAttribute("javax.servlet.request.X509Certificate").toString();

> Hi,
> with tomcat 3.2.1 you may try with:
>
> String strX509 = req.getAttribute("javax.servlet.request.X509Certificate")
> Certificate cert = new X509Certificate(strX509.getBytes() );
>
> if it doesn't work, you could try with (as servlet specs says):
>
> Object obj = req.getAttribute("javax.servlet.request.X509Certificate")
> Certificate cert = null;
> if(obj instanceof  String)
> {
>     String strX509 = (String)obj;
>     cert  = new X509Certificate(strX509.getBytes() );
> }
> else
> {
>     cert = (Certificate)obj;
> }
>
> Hope this helps.
> Tito.
>
>>
> > Hello!
> >
> > I'm using OpenSA (Apache 1.3), Tomcat 3.2.1 and mod_jk.
> > For SSL i red that ajp13 is needed (not ajp12).
> >
> > So i get run Tomcat under Apache SSL.
> > I authenticate user with Apache SSL, but when i read authenticate
> variables
> > then i always get null.
> > String subject = request.getHeader( "CERT_SUBJECT" );
> > String issuer = request.getHeader( "CERT_ISSUER" );
> > String issuer = request.getHeader( "SSL_CLIENT_CERT" );
> >
> > Specification also says that in httpd.conf ajp13 declarations is needed,
> > like so:
> > JkExtractSSL On
> > JkHTTPSIndicator HTTPS
> > JkSESSIONIndicator SSL_SESSION_ID
> > JkCIPHERIndicator SSL_CIPHER
> > JkCERTSIndicator SSL_CLIENT_CERT
> >
> >
> > Can anybody expert exactly explain what exactly is needed to read certs
> with
> > java servlets?
> >
> > Many thanx!
> > Erki
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to