Hi Alaska,
I'm not big security expert :)
Just guess, you need to set flag, that you require client
authentication.
sslReadFilter.setNeedClientAuth(true);
WBR,
Alexey.
On Aug 20, 2009, at 13:00 , Alaska wrote:
>
> Hello Alexey,
>
> How can I get the principal from the client certificate?
> i tried something like:
>
> SSLEngine engine = ((WorkerThread)
> Thread.currentThread()).getSSLEngine();
>
> SSLSession session = engine.getSession();
>
> session.getPeerPrincipal();
>
> and I get the error:
>
>
> run:
> truststore file has been set
> keystoreUrl file has been set
> Aug 20, 2009 12:56:39 PM com.sun.grizzly.Controller start
> INFO: Starting Grizzly Framework 1.9.18-M1 - Thu Aug 20 12:56:39
> CEST 2009
> startBuffer
> startBuffer
> request GET / HTTP/1.1
> Host: localhost:1080
>
> Aug 20, 2009 12:56:45 PM com.sun.grizzly.DefaultProtocolChain
> executeProtocolFilter
> SEVERE: ProtocolChain exception
> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
> postExecute RequestControllerFilter
> at
> com
> .sun
> .net
> .ssl
> .internal.ssl.SSLSessionImpl.getPeerPrincipal(SSLSessionImpl.java:471)
>
> Thank you!
> best regards,
> alaska
> --
> View this message in context: http://www.nabble.com/SSL-Layer-and-Principals-tp25059961p25059961.html
> Sent from the Grizzly - Users mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_grizzly.dev.java.net
> For additional commands, e-mail: users-help_at_grizzly.dev.java.net
>