knightEknight
asked on
Client Certificate Information not available to Servlet running on Apache + WebLogic Configuration
I am trying to access the client certificate information from a JSP using the following code with no success:
import java.security.cert.X509Cer tificate;
X509Certificate certChain[] = (X509Certificate[]) request.getAttribute("java x.net.ssl. peer_certi ficates");
if( certChain != null )
{
for (int i=0; i < certChain.length; i++)
{
String a = certChain[i].toString();
System.out.println(a);
//...
}
}
The certChain array comes back null. Apache has been configured to require SSL communication and client certificate authentication. I have tried with WebLogic requiring and not requiring client certificates with the same results.
I also tried the following code but the return value came back null also:
request.getUserPrincipal() ;
import java.security.cert.X509Cer
X509Certificate certChain[] = (X509Certificate[]) request.getAttribute("java
if( certChain != null )
{
for (int i=0; i < certChain.length; i++)
{
String a = certChain[i].toString();
System.out.println(a);
//...
}
}
The certChain array comes back null. Apache has been configured to require SSL communication and client certificate authentication. I have tried with WebLogic requiring and not requiring client certificates with the same results.
I also tried the following code but the return value came back null also:
request.getUserPrincipal()
Is your weblogic listening on SSL (usually 7002) port for JSP requests?
ASKER
yes, weblogic is listening on SSL. Apache is not passing the certificate thru to weblogic.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
that was not an option because the classes were not even on the same tree together ... but that problem was for my previous employer anyway, so who cares! Thanks anyway.