2 Replies Latest reply on May 30, 2008 10:42 AM by Michael Ihns

    Feature Request: Accessing SSL Cerficate in Request - Please

    Michael Ihns Newbie

      I need to access the SSL certificate sent in the request in my J2EE application. I need this capability both for (redundant) security purposes and so that I can use the certificate to forward requests to other web services.

      Currently, I receive the following SSL attributes in my requests:

      javax.servlet.request.cipher_suite
      javax.servlet.request.key_size
      javax.servlet.request.ssl_session

      I'd like access to javax.servlet.request.X509Certificate in the request.

      I know this is possible by configuring Apache to run in front of Tomcat using mod_jk. However, I'd really like to avoid having to do this.

      Is there any way to configure JBoss to pass this attribute in the request header? If not, is this something we can add to the next version of JBoss Web Server? It seems like it would be pretty simple to implement. I am even willing to implement this contribution if possible.

      I really appreciate any insight anyone might have regarding this issue.

      Sincerely,

      Michael