[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [iaik-ssl] ssl and servlets

Once again thank-you for the swift reply. I understand I should be patient
and wait on the next beta release but perhaps you could give me a pointer in
the right direction. In my servlet book I have an example for reading the
attributes of a certificate, however I understand from the author that the
code is specific to th Java Web Server. Could you give me a tip on how to
change this code so that I can at least read the certificates?  I would be
most grateful.

*Author: C.J. Chalmers
*Version: 1.0   Date: sept. 1999

import java.io.*;
import java.util.*;

import javax.servlet.*;
import javax.servlet.http.*;

import java.security.*;
import java.security.cert.X509Certificate;

import iaik.security.ssl.*;
import iaik.security.ssl.CipherSuite;

public class headerSnoop extends HttpServlet

  public void init(ServletConfig config) throws ServletException {
   file://Always call super.init() first (servlet mantra #1)

  public void doGet (HttpServletRequest req, HttpServletResponse res) throws
ServletException, IOException {
   doPost(req, res);

  public void doPost (HttpServletRequest req, HttpServletResponse res)
throws ServletException, IOException {

   PrintWriter out = res.getWriter();

   out.println("Request Headers: ");

   Enumeration enum = req.getHeaderNames();
   while (enum.hasMoreElements()) {
    String name = (String) enum.nextElement();
    String value = req.getHeader(name);
    if (value != null) {
     out.println(name + ": " + value);

   X509Certificate certChain[] = (X509Certificate[])
    if(certChain != null) {
     for (int i = 0; i < certChain.length; i++) {
      out.println("Client Certificate [" + i + "] =" +


  public void destroy() {


  public String getServletInfo() {
        return "A simple servlet";


----- Original Message -----
From: Andreas Sterbenz <Andreas.Sterbenz@iaik.tu-graz.ac.at>
To: Colin Chalmers <collie@dds.nl>; <iaik-ssl@iaik.tu-graz.ac.at>
Sent: Monday, September 13, 1999 3:08 PM
Subject: Re: [iaik-ssl] ssl and servlets

Those servlets are not yet publicly available but will be included in the
iSaSiLk 3.0beta2 release coming within the next two weeks.

Anyway, there are no real issues particular to servlet programming. You
should only make sure that the IAIK JAR files are loaded as system
classes and not as servlet classes to avoid problems with the servlet


 Andreas Sterbenz              mailto:Andreas.Sterbenz@iaik.tu-graz.ac.at

-----Ursprüngliche Nachricht-----
Von: Colin Chalmers <collie@dds.nl>
An: <iaik-ssl@iaik.tu-graz.ac.at>
Gesendet: Montag, 13. September 1999 13:57
Betreff: [iaik-ssl] ssl and servlets

>     Peter,
> Thanx for the prompt reply. I'm beginning to experiment with ssl and
> certificates for a possible project later this year. At present I'm
> looking at the possibilities and possible problems in combination with
> servlets. The examples I just saw on your site are exactly what I'm
> looking for to get me up and running. Is it possible to get a copy of
> these servlets or are they already included in the "package" as demo's?
> Colin Chalmers

Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-ssl/maillist.html

To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the folowing content: UNSUBSCRIBE iaik-ssl