<div dir="ltr">Stuart, thanks a lot! <div>That works for me. Super!</div></div><br><div class="gmail_quote"><div dir="ltr">On Sun, Dec 11, 2016 at 1:47 AM Stuart Douglas <<a href="mailto:sdouglas@redhat.com">sdouglas@redhat.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Here is an example of using servlet + client cert:<br class="gmail_msg">
<br class="gmail_msg">
<a href="https://github.com/undertow-io/undertow/commit/e8473ec35c420b782e072723d1e6338548def842" rel="noreferrer" class="gmail_msg" target="_blank">https://github.com/undertow-io/undertow/commit/e8473ec35c420b782e072723d1e6338548def842</a><br class="gmail_msg">
<br class="gmail_msg">
Basically the IdentityManager implementation is responsible for<br class="gmail_msg">
retrieving the roles for a given user.<br class="gmail_msg">
<br class="gmail_msg">
Stuart<br class="gmail_msg">
<br class="gmail_msg">
On Sat, Dec 10, 2016 at 8:17 PM, Dieter Bogdoll <<a href="mailto:dieter@bogdoll.net" class="gmail_msg" target="_blank">dieter@bogdoll.net</a>> wrote:<br class="gmail_msg">
> Hello Mailinglist,<br class="gmail_msg">
><br class="gmail_msg">
> I would like to use undertow for creating REST APIs.<br class="gmail_msg">
> I also would like to use HTTPS for communcation between client and server.<br class="gmail_msg">
> The user should authenticate itself with a client certificate. On the<br class="gmail_msg">
> server should be a component which takes the client certificate and<br class="gmail_msg">
> uses some other service (properties file, database, ...) to which roles<br class="gmail_msg">
> the user has (and therefor if and what parts of the REST API he can use).<br class="gmail_msg">
><br class="gmail_msg">
> I think I know how to listen only to HTTPS, but I'm not sure how to extract<br class="gmail_msg">
> the relevant bits from the client certificate and how to set the<br class="gmail_msg">
> groups/roles.<br class="gmail_msg">
><br class="gmail_msg">
> The solution should be compatible with the Servlet API. Is there some<br class="gmail_msg">
> example<br class="gmail_msg">
> code which I could look up, or some tutorial describing what I required?<br class="gmail_msg">
><br class="gmail_msg">
> Best regards,<br class="gmail_msg">
> Dieter<br class="gmail_msg">
><br class="gmail_msg">
> _______________________________________________<br class="gmail_msg">
> undertow-dev mailing list<br class="gmail_msg">
> <a href="mailto:undertow-dev@lists.jboss.org" class="gmail_msg" target="_blank">undertow-dev@lists.jboss.org</a><br class="gmail_msg">
> <a href="https://lists.jboss.org/mailman/listinfo/undertow-dev" rel="noreferrer" class="gmail_msg" target="_blank">https://lists.jboss.org/mailman/listinfo/undertow-dev</a><br class="gmail_msg">
</blockquote></div>