?
Solved

Client Certificate Information not available to Servlet running on Apache + WebLogic Configuration

Posted on 2003-03-24
4
Medium Priority
?
1,246 Views
Last Modified: 2013-12-10
I am trying to access the client certificate information from a JSP using the following code with no success:

import java.security.cert.X509Certificate;
X509Certificate certChain[] = (X509Certificate[]) request.getAttribute("javax.net.ssl.peer_certificates");

if( certChain != null )
{
     for (int i=0; i < certChain.length; i++)
     {
          String a = certChain[i].toString();
          System.out.println(a);
                //...
     }
}

The certChain array comes back null.  Apache has been configured to require SSL communication and client certificate authentication.  I have tried with WebLogic requiring and not requiring client certificates with the same results.  

I also tried the following code but the return value came back null also:
   request.getUserPrincipal();

0
Comment
Question by:knightEknight
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 4

Expert Comment

by:boxy73
ID: 8209621
Is your weblogic listening on SSL (usually 7002) port for JSP requests?
0
 
LVL 33

Author Comment

by:knightEknight
ID: 8211361
yes, weblogic is listening on SSL.  Apache is not passing the certificate thru to weblogic.
0
 
LVL 4

Accepted Solution

by:
boxy73 earned 1000 total points
ID: 8211941
I think that weblogic uses its own class (weblogic.security.X509), no matter your importing another one.

So, perhaps you need to cast the result of getAttribute like this:

java.security.cert.X509Certificate certChain[] =
   (java.security.cert.X509Certificate [])        
   request.getAttribute("javax.servlet.request.X509Certificate");
0
 
LVL 33

Author Comment

by:knightEknight
ID: 8592591
that was not an option because the classes were not even on the same tree together ... but that problem was for my previous employer anyway, so who cares!  Thanks anyway.
0

Featured Post

Get MySQL database support online, now!

At Percona’s web store you can order your MySQL database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Configure Web Service (server application) I. Configure security for Web Services methods First, we need to protect Session bean which implements the service: 1. Open EJB deployment descriptor (ejb-jar.xml) in the EJB project that contains you…
There are numerous questions about how to setup an IBM HTTP Server to be administered from WebSphere Application Server administrative console. I do hope this article will wrap things up and become a reference for this task. You need three things…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses
Course of the Month10 days, 16 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question