Reputation: 806
I'm developing a Java web service with client certificate security enabled. I don't want to add a parameter to each method with a user ID. Since the user is already authenticating through the SOAP header with his client certificate, is it possible to fetch the user data (common name, email, etc.) from his certificate?
Thanks!
Upvotes: 2
Views: 6096
Reputation: 597134
Cast your java.security.cert.Certificate to java.security.cert.X509Certificate and check the methods you have available on it - like getSubjectDN().
Upvotes: 0
Reputation: 75466
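This is how you can retrieve the DN from the request:

    import java.security.cert.X509Certificate;

    // The container exposes the client's certificate chain as a request attribute.
    Object certChain = request.getAttribute(
            "javax.servlet.request.X509Certificate");
    if (certChain != null) {
        X509Certificate[] certs = (X509Certificate[]) certChain;
        // The first element is the client's own certificate.
        X509Certificate cert = certs[0];
        String n = cert.getSubjectDN().getName();
    }
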
For this to work, you have to configure the HTTPS connector properly. If AJP is used, you have to configure the AJP connector so the certificate is passed from Apache to Tomcat.
Upvotes: 3
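An added example, not part of the answers above: once the certificate has been obtained from the request attribute, the common name and email the question asks about can be extracted without splitting the DN string by hand. It assumes the email is carried as an rfc822Name subjectAltName; the class name ClientCertIdentity and the sample DN are constructed for illustration.

```java
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.List;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;
import javax.security.auth.x500.X500Principal;

public class ClientCertIdentity {

    /** Returns the CN of the subject, or null if the subject has none. */
    static String commonName(X500Principal subject) throws InvalidNameException {
        // LdapName understands RFC 2253 escaping, so a comma inside a value
        // ("CN=Doe\, Jane") is not mistaken for an RDN separator.
        LdapName dn = new LdapName(subject.getName(X500Principal.RFC2253));
        for (Rdn rdn : dn.getRdns()) {
            if ("CN".equalsIgnoreCase(rdn.getType())) {
                return rdn.getValue().toString();
            }
        }
        return null;
    }

    /** Returns the first rfc822Name (email) subjectAltName, or null. */
    static String email(X509Certificate cert) throws CertificateParsingException {
        Collection<List<?>> sans = cert.getSubjectAlternativeNames();
        if (sans == null) {
            return null; // certificate has no subjectAltName extension
        }
        for (List<?> san : sans) {
            // Each entry is [Integer type, value]; type 1 is rfc822Name.
            if (Integer.valueOf(1).equals(san.get(0))) {
                return (String) san.get(1);
            }
        }
        return null;
    }

    public static void main(String[] args) throws Exception {
        // Constructed subject DN, not taken from a real certificate.
        X500Principal subject =
                new X500Principal("CN=Doe\\, Jane,OU=Engineering,O=Example Corp,C=US");
        System.out.println(commonName(subject));
    }
}
```

In the servlet, pass `cert.getSubjectX500Principal()` to `commonName` and `cert` to `email`. The values are only as trustworthy as the container's validation of the client chain against its configured trust store.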