users@glassfish.java.net

Re: Client Certificate authentication

From: <glassfish_at_javadesktop.org>
Date: Fri, 15 Feb 2008 01:18:30 PST

I have asked our Java Experts and will get back if i hear from them. Meantime, IMO something like the following may work ( i have not testsed this)

you can write your own X509TrustManager (MyX509TrustManager) :
http://java.sun.com/j2se/1.5.0/docs/guide/security/jsse/JSSERefGuide.html#X509TrustManager

And then in your WebApp init() you can do the following :


TrustManager[] myTMs = new TrustManager [] {
                          new MyX509TrustManager() };
SSLContext ctx = SSLContext.getInstance("TLS");
ctx.init(null, myTMs, null);

Thanks.
[Message sent by forum member 'kumarjayanti' (kumarjayanti)]

http://forums.java.net/jive/thread.jspa?messageID=259144