Ok. I have done cxf considerable so I know I can grab the cert from the request, and I usually use an interceptor but on this new project with this new company they don't use any framework other than servlets. Not even spring.
Now what I mean by grabbing the client certificate is still using TLS ( I think) but not in the "normal" vain that most would expect. The current app does a redirect, from http port 8080 to https port 8443. This redirect causes the browser to present the client certificate in the normal manner and it is captured for later processing, after the certificate is captured the comms is redirected back to http port 8080 and the processing continues. I guess I don't really mean not use https but more like, how can I, in one request, go from http to https, get the cert, then go back to http and the REST service. I've seen cxf can do redirects and was wonder if this could be done but I'm not versed enough to figure it out. It would be a big feather in my cap if I could do this since the altimate customer wants this done like yesterday and I'm holding things up trying to bring new tech into their hack and slash world. Thanks Paul -- View this message in context: http://cxf.547215.n5.nabble.com/http-https-http-and-REST-tp5497801p5500178.html Sent from the cxf-user mailing list archive at Nabble.com.
