Hi all,
I have used the JAX-WS tutorial to set up a "secure" web service using WSIT Mutual Certificate option:
http://java.sun.com/webservices/reference/tutorials/wsit/doc/WSIT_Security9.html#wp162511
It works fine, and the web service can only be accessed by a "trusted" web client, based on configured certificates. I'm using NetBeans 5.5.1 with SJSAS 9.1 over JDK 6 u4.
However, I would like to use the information about the connecting client (i.e. its distinguished name) to make some business logic decisions. But I don't know how to retreive that information within the web service. I've tried WebServiceContext.getUserPrincipal, hoping it would be a X509 principal... but it is always null.
Does anyone know how to get information about the calling client when using certificates this way?
thanks.
[Message sent by forum member 'sagimann' (sagimann)]
http://forums.java.net/jive/thread.jspa?messageID=296266