You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@felix.apache.org by "Felix Meschberger (JIRA)" <ji...@apache.org> on 2013/10/18 14:28:42 UTC
[jira] [Commented] (FELIX-4230) Enhance the Felix request SSL
filter to provide the cert as a request attribute
[ https://issues.apache.org/jira/browse/FELIX-4230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13799061#comment-13799061 ]
Felix Meschberger commented on FELIX-4230:
------------------------------------------
Implement such conversion in Rev. 1533418.
Leaving this issue open for some testing still.
> Enhance the Felix request SSL filter to provide the cert as a request attribute
> -------------------------------------------------------------------------------
>
> Key: FELIX-4230
> URL: https://issues.apache.org/jira/browse/FELIX-4230
> Project: Felix
> Issue Type: Improvement
> Components: HTTP Service
> Affects Versions: http-2.2.0
> Reporter: Timothee Maret
> Assignee: Felix Meschberger
> Fix For: http-2.2.2
>
>
> The HTTP SSL Filter allows simulating an HTTPS request on a system sitting behind an SSL terminating proxy. The proxy forwards SSL information to the system and the filter resurrects the SSL behavior for the web application.
> Apart from just resurrecting the fact that the original request was secure, it is sometimes also required to get at the client's certificate (if provided) used on the HTTPS session.
> The expectation is that the SSL terminating proxy provides the certificate in linearized (line breaks replaced by single blanks) PEM format in the "X-Forwarded-SSL-Certificate" header. The filter will convert this header value in an X509Certificate[] array to be set as the "javax.servlet.request.X509Certificate" request attribute as defined by the servlet API specification.
--
This message was sent by Atlassian JIRA
(v6.1#6144)