2 Replies Latest reply on May 13, 2004 12:46 PM by cam156

Custom Login using SSL

cam156 May 13, 2004 12:06 PM

Hello,

Is there any way to get access to the X509 certificates passed in SSL in a Custom Login Module?

I am trying to verify a user using the certificate DN as the username that I can then use to look up information about the user in an LDAP server.

Thanks for any help you can give me!

-- Carolyn

1. Re: Custom Login using SSL

rolfarne May 13, 2004 12:29 PM (in response to cam156)

Here is a method you could use inside a login module. It assumes you extend the AbstractServerLoginModule.

private Object[] getLoginInfo() throws LoginException {

 if (callbackHandler == null) {
 log.warn("No callbackHandler available");
 throw new LoginException(
 "Error: no CallbackHandler available " + "to collect authentication information");
 }
 String username = null;
 X509Certificate[] certs = null;
 NameCallback nc = new NameCallback("username");
 ObjectCallback oc = new ObjectCallback("certs");
 Callback[] callbacks = { nc, oc };
 try {
 callbackHandler.handle(callbacks);
 username = nc.getName();

 Object credential = oc.getCredential();
 if (credential == null || !(credential instanceof X509Certificate[])) {
 log.debug("No X509Certficate chain");
 throw new LoginException("No X509Certficate chain");
 }
 certs = (X509Certificate[]) credential;
 } catch (java.io.IOException ioe) {
 throw new LoginException(ioe.toString());
 } catch (UnsupportedCallbackException uce) {
 throw new LoginException("CallbackHandler does not support: " + uce.getCallback());
 }
 return new Object[] { username, certs };
 }

2. Re: Custom Login using SSL

cam156 May 13, 2004 12:46 PM (in response to cam156)

Thanks so much!

Your code worked perfectly!

-- Carolyn
Actions

Go to original post