Hi
Christian did some work with CXF JAASLoginInterceptor - have a look at
the source, the certificates are available on the message
Sergey
On 20/11/14 05:10, Xu HongBo(徐洪波) wrote:
Hi:
I want to only use a X509 Certificate to identify a client, and
authorize it without username-token .
I have already know how to signature the client using CXF, and at
service side, the CXF will verify the signature using the client's
X509Certificate automatically.
But I don't know how can I read the client's X509 Certificate's content
(or the CN field's name of certificate) at the service side. Does CXF provide
some API/SPI , I could use it to get the client's certificate?
Thanks for any suggestion
