You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Federico Fernandez Cruz <fe...@dilmun.ls.fi.upm.es> on 2003/12/12 13:17:00 UTC

Apache SSL variables -> Imposible!

I have connected Apache and Tomcat (5) using JK2. The communication is 
right, but I can't access any apache SSL variables!
No matter what I do. It's impossible!

I have read several docs and all I get is frustration! :-(

Can someone tell me how to do it, pleeeeeease?

Thanks!

Re: Apache SSL variables -> Imposible!

Posted by Federico Fernandez Cruz <fe...@dilmun.ls.fi.upm.es>.

No, it doesn't work.

I have tried your code inside a JSP and always returns null.

My Apache is running in a RH Linux 9.0 machine and Tomcat is running in 
a Window XP Professional Station.

Several days ago I had problems about mappings from Apache to Tomcat and 
someone (thanks to Jorg Werner) told me to (re)compile modjk from 
tomcat-connectors sources not from tomcat sources. Compilation went ok 
but, my doubt is: Should I have to enable some compilation flag for 
using modjk in ssl contexts?

Is there any issue about mixing operating systems, Linux and Windows.... 
(??)

Thanks!


Bill Barker wrote:

>TC 5 does a lazy evaluation of the SSL Request attributes (for performance
>reasons).  This means that the attributes are made available when they are
>first asked for.  The following should work:
>  String cipher =
>(String)request.getAttribute("javax.servlet.request.cipher_suite");
>  Integer keysize =
>(Integer)request.getAttribute("javax.servlet.request.key_size");
>  X509Certificate [] certs = (X509Certificate
>[])request.getAttribute("javax.servlet.request.X509Certificate");
>  // Tomcat extensions
>  String sessionId =
>(String)request.getAttribute("javax.servlet.request.ssl_session");
>  X509Certificate [] certs = (X509Certificate
>[])request.getAttribute("org.apache.coyote.request.X509Certificate");
>  // This last one forces the client to send a cert
>
>There is an argument to add the names to getAttributeNames (which seems so
>have some other issues as well at the moment :).  Just because it doesn't
>show up in getAttributeNames, doesn't mean that you can't get the value.
>
>"Federico Fernandez Cruz" <fe...@dilmun.ls.fi.upm.es> wrote in message
>news:3FD9B1BC.7020001@dilmun.ls.fi.upm.es...
>  
>
>>I have connected Apache and Tomcat (5) using JK2. The communication is
>>right, but I can't access any apache SSL variables!
>>No matter what I do. It's impossible!
>>
>>I have read several docs and all I get is frustration! :-(
>>
>>Can someone tell me how to do it, pleeeeeease?
>>
>>Thanks!
>>
>>
>>
>>    
>>

Re: Apache SSL variables -> Imposible!

Posted by Bill Barker <wb...@wilshire.com>.

TC 5 does a lazy evaluation of the SSL Request attributes (for performance
reasons).  This means that the attributes are made available when they are
first asked for.  The following should work:
  String cipher =
(String)request.getAttribute("javax.servlet.request.cipher_suite");
  Integer keysize =
(Integer)request.getAttribute("javax.servlet.request.key_size");
  X509Certificate [] certs = (X509Certificate
[])request.getAttribute("javax.servlet.request.X509Certificate");
  // Tomcat extensions
  String sessionId =
(String)request.getAttribute("javax.servlet.request.ssl_session");
  X509Certificate [] certs = (X509Certificate
[])request.getAttribute("org.apache.coyote.request.X509Certificate");
  // This last one forces the client to send a cert

There is an argument to add the names to getAttributeNames (which seems so
have some other issues as well at the moment :).  Just because it doesn't
show up in getAttributeNames, doesn't mean that you can't get the value.

"Federico Fernandez Cruz" <fe...@dilmun.ls.fi.upm.es> wrote in message
news:3FD9B1BC.7020001@dilmun.ls.fi.upm.es...
> I have connected Apache and Tomcat (5) using JK2. The communication is
> right, but I can't access any apache SSL variables!
> No matter what I do. It's impossible!
>
> I have read several docs and all I get is frustration! :-(
>
> Can someone tell me how to do it, pleeeeeease?
>
> Thanks!
>
>
>

Re: Apache SSL variables -> Imposible!

Posted by Nikola Milutinovic <Ni...@ev.co.yu>.

Federico Fernandez Cruz wrote:

> I have connected Apache and Tomcat (5) using JK2. The communication is 
> right, but I can't access any apache SSL variables!
> No matter what I do. It's impossible!
> 
> I have read several docs and all I get is frustration! :-(
> 
> Can someone tell me how to do it, pleeeeeease?

Access your HttpServletRequest object and look for X509Certificates. I'm not 
sure what is the proper name, but it should be in the servlet specification.

Nix.


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org