Hi Christopher, Thanks for the reply.
My end goal is to check the certificates OID I did some research and I found that in the RealmBase there is a method authenticate(X509Certificate <http://docs.oracle.com/javase/7/docs/api/java/security/cert/X509Certificate.html?is-external=true>[] certs) and int the X509Certificate there is public abstract String <http://docs.oracle.com/javase/7/docs/api/java/lang/String.html> getSigAlgOID() https://tomcat.apache.org/tomcat-8.0-doc/api/org/apache/catalina/realm/RealmBase.html#authenticate(java.security.cert.X509Certificate[]) I suspect those should help me checking the certificate Assurance Levels? Thanks, Lucas On 20 April 2017 at 19:50, Christopher Schultz <ch...@christopherschultz.net > wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Lucas, > > On 4/20/17 1:12 PM, Lucas S. Silva wrote: > > I am trying to implement a custom JNDIRealm that will do some > > validations based on the Extended Validation Certificates like the > > OID it this supported by tomcat? > > The term "Extended Validation" has a special meaning when you are > talking about X.509 certificates. What do you mean, here, > specifically, when you say "Extended Validation Certificates"? > > > Or I will just get whatever the LDAP server supports? I could not > > find which method I would have to overwrite to get the extended > > validation certificates:> > > https://tomcat.apache.org/tomcat-8.0-doc/api/org/apache/catalina/realm > /JNDIRealm.html > > What, > > > specifically, are you trying to accomplish? > > - -chris > -----BEGIN PGP SIGNATURE----- > Comment: GPGTools - http://gpgtools.org > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQIcBAEBCAAGBQJY+PTWAAoJEBzwKT+lPKRYkBkQALUuoaZzZzK4DsogcSqIu1/Y > gh7xaJFg7iHkM2Jd9oFp/MDLT+PINv3AuYqJ083jGJ3KOgbGR4qovGfboIL1HUMY > P0w/wwXqhPISUiRnjEmiCf4zQMvdnOdhbcfs269qCTwtAMWNZ/wJVrtFEntYiVhD > c2voTvYkYs7iiqPCgETFa2fblgfTQ8jcd0AuDge+VV3vWTi6wNGsclpiERZ73M9g > 7lYHginS605cUo7KgBTEH4nqWyQIaIVWEdU+2O7ZFz1PBJrSo/+ez8Rh/mV3Ld98 > xfuoLLM3CRH7rU65Y3DOrzCQ4z4UKlQ5e4NTb0GZEs42TBf6x0VDzzqcNCcg892d > 4UNfTQ9VqdZMrPEzyklytYVC32P6aUbF6GYb74GvhLAIxkEV3aoAYGt6QxCTEkoq > 2opD4mEDibPT3gb1M2/f9zjq9zJ4FSsv4EdFDiDWffcR6CDscl8kT0gRnMYZKFWk > mirLjnSPxXtwx3ClYGlMvQwfZi6qULgrCaMfWqYIejJN7wQA8J8u6NA2kjVn9wTA > cCJKQAzsw9zUv1eCmBsJv66lvfzyOUJLVxTeJ3wmg6ShcTee0DgcVBVT3nggMmFa > F8586TLqqi8Xie/HHRCd+JrfVGlJpPPj6btpaBehyMoyj6G/SiZwmCH9TX0UADi5 > Ra6J6JO46bahywrEDt+r > =jHk3 > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
