[jbossws-issues] [JBoss JIRA] (JBWS-3461) HTTPS / TLS Client certificate authentication does not give client certificate to server side
Tomas Gustavsson (JIRA)
jira-events at lists.jboss.org
Mon Mar 19 03:44:47 EDT 2012
[ https://issues.jboss.org/browse/JBWS-3461?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12677529#comment-12677529 ]
Tomas Gustavsson commented on JBWS-3461:
----------------------------------------
Is there no workaround for this? Not even using JBoss specific classes? I am open for all suggestions.
> HTTPS / TLS Client certificate authentication does not give client certificate to server side
> ---------------------------------------------------------------------------------------------
>
> Key: JBWS-3461
> URL: https://issues.jboss.org/browse/JBWS-3461
> Project: JBoss Web Services
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Components: jbossws-cxf, jbossws-integration, jbossws-native
> Environment: JBoss AS 7.1.0.GA
> Reporter: Tomas Gustavsson
> Fix For: jbossws-native-4.1, jbossws-cxf-4.1
>
>
> We use client certificate authentication (TLS) for our webservice (JAX-WS annotated EJB).
> In JBoss 5 and 6 the following code worked to fetch the client certificate in the session bean.
> MessageContext msgContext = wsContext.getMessageContext();
> HttpServletRequest request = (HttpServletRequest) msgContext.get(MessageContext.SERVLET_REQUEST);
> X509Certificate[] certificates = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");
> In JBoss AS 7.1.0.GA no certificate is retrieved.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.jboss.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jbossws-issues
mailing list