[iaik-ssl] Question regarding RMI over SSL

[Dirk Balfanz <balfanz@CS.Princeton.EDU>]

Hi there, 

I just joined the list. I haven't found the answer in the archives,
but forgive me if this has been asked before...  

I want to do RMI over SSL. Let's assume I have a RMI server like this:

public class MyRMIServerImpl 
   extends SSLUnicastRemoteObject 
   implements MyRMIServer {
   ...

   public void foo() throws RemoteException {
     ...
   }

}

where SSLUnicastRemoteObject takes care of exporting this server with
SocketFactories that use SSLSockets instead of Sockets. Since I want to do
mutual authentication, the SocketFactories also put
Client/ServerTrustDeciders in the SSL context objects. However, my SSL layer
always permits connections; it is up to the application whether it wants to
allow certain calls. So here's the question: How can I, within foo(), find
out who the (authenticated) party is that is calling me (i.e. obtain their
certificates)? 

I understand that on the socket level, there is something like 
SSLSocket.getSession().getPeerCertificate(). But how do I do I get my 
hands on that certificate from within my RMIServerImpl?

Any ideas?

Thanks so much, 

Dirk. 


--
Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-ssl/maillist.html

To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the folowing content: UNSUBSCRIBE iaik-ssl