?
Solved

Client Certificate Information not available to Servlet running on Apache + WebLogic Configuration

Posted on 2003-03-24
4
Medium Priority
?
1,267 Views
Last Modified: 2013-12-10
I am trying to access the client certificate information from a JSP using the following code with no success:

import java.security.cert.X509Certificate;
X509Certificate certChain[] = (X509Certificate[]) request.getAttribute("javax.net.ssl.peer_certificates");

if( certChain != null )
{
     for (int i=0; i < certChain.length; i++)
     {
          String a = certChain[i].toString();
          System.out.println(a);
                //...
     }
}

The certChain array comes back null.  Apache has been configured to require SSL communication and client certificate authentication.  I have tried with WebLogic requiring and not requiring client certificates with the same results.  

I also tried the following code but the return value came back null also:
   request.getUserPrincipal();

0
Comment
Question by:knightEknight
  • 2
  • 2
4 Comments
 
LVL 4

Expert Comment

by:boxy73
ID: 8209621
Is your weblogic listening on SSL (usually 7002) port for JSP requests?
0
 
LVL 33

Author Comment

by:knightEknight
ID: 8211361
yes, weblogic is listening on SSL.  Apache is not passing the certificate thru to weblogic.
0
 
LVL 4

Accepted Solution

by:
boxy73 earned 1000 total points
ID: 8211941
I think that weblogic uses its own class (weblogic.security.X509), no matter your importing another one.

So, perhaps you need to cast the result of getAttribute like this:

java.security.cert.X509Certificate certChain[] =
   (java.security.cert.X509Certificate [])        
   request.getAttribute("javax.servlet.request.X509Certificate");
0
 
LVL 33

Author Comment

by:knightEknight
ID: 8592591
that was not an option because the classes were not even on the same tree together ... but that problem was for my previous employer anyway, so who cares!  Thanks anyway.
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Verbose logging is used to diagnose garbage collector problems. By default, -verbose:gc output is written to either native_stderr.log or native_stdout.log.   It is also possible to redirect the logs to a user-specified file. This article will de…
Upgrading Tomcat – There are a couple of methods to upgrade Tomcat is to use The Apache Installer is to download and unzip and run the services.bat remove|install Tomcat6 Because of the App that we are working with, we can only use Tomcat 6.…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Kernel Data Recovery is a renowned Data Recovery solution provider which offers wide range of softwares for both enterprise and home users with its cost-effective solutions. Let's have a quick overview of the journey and data recovery tools range he…
Suggested Courses
Course of the Month8 days, 5 hours left to enroll

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question