s/Http12Processor/Http11Processor/ On Thu, Apr 10, 2008 at 6:18 PM, Hanson Char <[EMAIL PROTECTED]> wrote:
> I refer to tomcat 5.5.17. Assuming SSL client side authentication is > used, I am trying to access the underlying client's X509 certificate of the > SSL socket in a webapp. However, it appears such information can only be > extracted from the SSL session, which is not made available to the servlet. > > I can see that this can be hacked around by modifying > Http12Processor.java, such that the (SSL) socket is placed into a thread > local for use by the webapp. > > But there must be a better/easier way than this, or some configuration > magic I am missing ? > > Hanson
