Finally, I found at least one answer to this problem:
http://hansonchar.blogspot.com/2008/04/tomcat-55-ssl-programming-puzzle.html Cheers, Hanson On Thu, Apr 10, 2008 at 6:20 PM, Hanson Char <[EMAIL PROTECTED]> wrote: > s/Http12Processor/Http11Processor/ > > > On Thu, Apr 10, 2008 at 6:18 PM, Hanson Char <[EMAIL PROTECTED]> > wrote: > > > I refer to tomcat 5.5.17. Assuming SSL client side authentication is > > used, I am trying to access the underlying client's X509 certificate of the > > SSL socket in a webapp. However, it appears such information can only be > > extracted from the SSL session, which is not made available to the servlet. > > > > I can see that this can be hacked around by modifying > > Http12Processor.java, such that the (SSL) socket is placed into a thread > > local for use by the webapp. > > > > But there must be a better/easier way than this, or some configuration > > magic I am missing ? > > > > Hanson > > >
