trying to read client certificate, but always return null
[nobr]hi
i used a code i found from another website, to read client's digital certificate:
here's the code:
import javax.servlet.*;
import javax.servlet.http.*;
import java.io.*;
import java.util.*;
import java.security.cert.*;
publicclass SecurityAttribsextends HttpServlet
{
staticfinal String CONTENT_TYPE ="text/html";
/**
This method is called once per instance of the servlet class.
Use this method to allocate any needed resources that should
be preserved for the life of the servlet instance.
*/
publicvoid init( ServletConfig config )
throws ServletException
{
super.init( config );
}
// Handle the HTTP GET request
publicvoid doGet( HttpServletRequest request, HttpServletResponse response )
throws ServletException, IOException
{
response.setContentType( CONTENT_TYPE );
StringBuffer html =new StringBuffer();
html.append("<html><head><title>SecureServlet</title></head><body>" );
checkSSLAttributes(request,html);
checkAuthType(request,html);
loopThroughAttribs(request,html);
loopThroughHeaders(request,html);
checkClientCerts(request,html);
html.append("</body></html>" );
PrintWriter out = response.getWriter();
response.setContentLength(html.length());
out.println(html.toString());
}
// Handle the HTTP POST request
publicvoid doPost( HttpServletRequest request, HttpServletResponse response )
throws ServletException, IOException
{
response.setContentType( CONTENT_TYPE );
PrintWriter out = response.getWriter();
/** @todo Process the HTTP "POST" request here, and write the proper
response to the PrintWriter "out". */
out.println("<html><head><title>SecurityAttribs</title></head><body>" );
out.println(" Servlet SecurityAttribs has received an HTTP POST.
out.println(" The servlet generated this page in response to the request.
out.println("</body></html>" );
}
privatevoid checkAuthType(HttpServletRequest request, StringBuffer html)
{
try
{
//request.BASIC_AUTH, DIGEST_AUTH, CLIENT_CERT_AUTH, FORM_AUTH
html.append("<P>request authorization type is <B>").append(request.getAuthType()).append("</B>
");// simplified type check
if (request.getAuthType() == request.BASIC_AUTH)
{
html.append("<P>this is only basic authorization !</P>");
}
html.append("<P>request.getAuth==> <B>").append(request.getAuthType()).append("</B>
");html.append(" (request.BASIC_AUTH ==> "
}
catch(Exception e)
{
e.printStackTrace();
}
}
privatevoid checkSSLAttributes(HttpServletRequest request, StringBuffer html)
{
// security checks
try
{
String cyphersuite = (String)request.getAttribute("javax.servlet.request.cipher_suite");
if (cyphersuite !=null)
{
html.append("<P>javax.servlet.request.cipher_suite is <B>").append(cyphersuite).append("</B></P>");
}
cyphersuite = (String)request.getAttribute("javax.net.ssl.cipher_suite");
if (cyphersuite !=null)
{
html.append("<P>javax.net.ssl.cipher_suite is <B>").append(cyphersuite).append("</B></P>");
}
Object o = request.getAttribute("javax.servlet.request.key_size");
if (o !=null)
{
Integer size = (Integer)o;
html.append("<P>javax.servlet.request.key_size is <B>").append(size.intValue()).append("</B></P>");
}
else
{
html.append("<P>javax.servlet.request.key_size not present in this request</P>");
}
// from 2.1 spec
X509Certificate[] certs = (X509Certificate[])request.getAttribute("javax.net.ssl.peer_certificates");
if (certs !=null && certs.length > 0)
{
html.append("<P><B>Client Certs 2.1</B><table border='1'><tr><th>type</th></tr>");
for (int i=0;i<certs.length;i++)
{
X509Certificate cert = certs[i];
html.append("><tr><td>").append(cert.getType()).append("</td></tr>");
}
html.append("</table>
");}
// from 2.2 spec
certs = (X509Certificate[])request.getAttribute("javax.servlet.request.X509Certificate");
if (certs !=null && certs.length > 0)
{
html.append("<P><B>Client Certs 2.2</B><table border='1'><tr><th>type</th></tr>");
for (int i=0;i<certs.length;i++)
{
X509Certificate cert = certs[i];
html.append("><tr><td>").append(cert.getType()).append("</td></tr>");
}
html.append("</table>
");}else{
html.append("<br>No certificate found, again :(");
}
}
catch (Exception e)
{
e.printStackTrace();
html.append(" error accessing javax.servlet.request.key_size : "
}
}
privatevoid loopThroughAttribs(HttpServletRequest request, StringBuffer html)
{
try
{
html.append("<P><B>Attribs</B><table border='1'><tr><th>Name</th><th>Value</th><th>Class name</th></tr>");
for (Enumeration en = request.getAttributeNames(); en.hasMoreElements();)
{
String name = (String)en.nextElement();
html.append("<tr><td>").append(name).append("</td><td>").append(request.getAttribute(name)).append("</td><td>").append((request.getAttribute(name)).getClass().getName()).append("</td></tr>");
}
}
catch(Exception e)
{
e.printStackTrace();
}
html.append("</table>
");}
privatevoid loopThroughHeaders(HttpServletRequest request, StringBuffer html)
{
try
{
html.append("<P><B>Headers</B><table border='1'><tr><th>Name</th><th>Value</th></tr>");
for (Enumeration en = request.getHeaderNames(); en.hasMoreElements();)
{
String name = (String)en.nextElement();
html.append("<tr><td>").append(name).append("</td><td>").append(request.getHeader(name)).append("</td></tr>");
}
}
catch(Exception e)
{
e.printStackTrace();
}
html.append("</table></P>");
}
privatevoid checkClientCerts(HttpServletRequest request, StringBuffer html)
{
java.security.cert.X509Certificate[] rst = (java.security.cert.X509Certificate[])request.getAttribute("javax.servlet.request.X509Certificate" );
if (rst !=null && rst.length > 0)
{
html.append("<P><B>Client Certs</B><table border='1'><tr><th>Type</th></tr>");
for (int i=0;i<rst.length;i++)
{
java.security.cert.X509Certificate clientCert = rst[i];
html.append("><tr><td>").append(clientCert.getType()).append("</td></tr>");
}
html.append("</table></P>");
}
}
}
but it always return null....here's the partial output of the above code, when I tried to access my https page using Internet explorer.
javax.servlet.request.key_size not present inthis request
No certificate found, again :(
request authorization type isnull
request.getAuth ==>null
(request.BASIC_AUTH ==> BASIC)
i really need help to resolve this problem here. been stuck here for a few days.
thanks a lot[/nobr]
