0 Replies Latest reply on Nov 16, 2016 12:29 AM by Kevin Kelly

    Client Side Authentication Undertow

    Kevin Kelly Newbie

      So I have posted a question here on stackoverflow. Figured it would be easier to link to it here ->

       

      java - Undertow X.509 Being Stripped? - Stack Overflow

       

      It would appear to me that the X.509 is being stripped? But to make comment on that stackoverflow post

      the emebedded server I am setting up with .setServerOptions() do not seem to be working as intended. As

      per setting

       

      serverBuilder = Undertow.builder()

        // .setServerOption(UndertowOptions.ENABLE_HTTP2, true)

        .addHttpsListener(port, host, sslContext)

      // .setServerOption(Options.SECURE, true)

        .setServerOption(Options.SSL_ENABLED, true)

        .setServerOption(Options.SSL_CLIENT_AUTH_MODE, SslClientAuthMode.REQUIRED)

       

      has no effect on the deployment below

       

      // setup app rest deployement information

        appRestDeployment = new ResteasyDeployment();

        appRestDeployment.setApplicationClass(ResourceFactory.class.getName());

        appRestDeployment.setInjectorFactoryClass(CdiInjectorFactory.class.getName());

       

      appDeploymentInfo = server.undertowDeployment(appRestDeployment, Config.API_PATH);

        appDeploymentInfo.setClassLoader(Application.class.getClassLoader()).setContextPath(Config.CONTEXT_PATH)

        .setDeploymentName(Config.DEPLOYMENT_NAME)

        .addListeners(Servlets.listener(Listener.class));

       

      Please, help on this would be much appreciated. I am not sure why I cannot receive the X.509 certificate in the request, which I know is properly working, as has been tested using a different framework.