0 Replies Latest reply on Nov 10, 2003 8:12 AM by stscit04

    Get SSL certificate in stateless session bean

    stscit04 Newbie


      I am new on using SSL and certificates, so this is
      probably not the most intelligent question :-)

      I have clients with ssl-certificates on the one side
      and jboss3.2.2/tomcat on the other side. They are connected by web-services over http.

      each client has different rights to access data, so
      I have to find out who is connecting to my stateless EJB through web-services(through tomcat).

      I have stored the client-certificates in a database accessible by jboss.

      Is there a way in the statless session bean to get the
      certificate of the web-service caller, or is there another way to get this ?

      This is my arch:

      client ----- web-service (over https) ----- tomcat (axis -servlet) ----- stateless session bean on jboss.

      Any help really appreciated, also if you have to tell me
      that my architecture is trash :-)