users@grizzly.java.net

Re: SSL Layer and Principals

From: Alaska <bagirin_at_gmx.de>
Date: Thu, 20 Aug 2009 06:11:00 -0700 (PDT)

Hello Alexey,

i"ve just checked it up, the flag is set...
however the error occurs...

thank you,
alaska




Oleksiy Stashok wrote:
>
> Hi Alaska,
>
> I'm not big security expert :)
> Just guess, you need to set flag, that you require client
> authentication.
> sslReadFilter.setNeedClientAuth(true);
>
> WBR,
> Alexey.
>
>
> On Aug 20, 2009, at 13:00 , Alaska wrote:
>
>>
>> Hello Alexey,
>>
>> How can I get the principal from the client certificate?
>> i tried something like:
>>
>> SSLEngine engine = ((WorkerThread)
>> Thread.currentThread()).getSSLEngine();
>>
>> SSLSession session = engine.getSession();
>>
>> session.getPeerPrincipal();
>>
>> and I get the error:
>>
>>
>> run:
>> truststore file has been set
>> keystoreUrl file has been set
>> Aug 20, 2009 12:56:39 PM com.sun.grizzly.Controller start
>> INFO: Starting Grizzly Framework 1.9.18-M1 - Thu Aug 20 12:56:39
>> CEST 2009
>> startBuffer
>> startBuffer
>> request GET / HTTP/1.1
>> Host: localhost:1080
>>
>> Aug 20, 2009 12:56:45 PM com.sun.grizzly.DefaultProtocolChain
>> executeProtocolFilter
>> SEVERE: ProtocolChain exception
>> javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
>> postExecute RequestControllerFilter
>> at
>> com
>> .sun
>> .net
>> .ssl
>> .internal.ssl.SSLSessionImpl.getPeerPrincipal(SSLSessionImpl.java:471)
>>
>> Thank you!
>> best regards,
>> alaska
>> --
>> View this message in context:
>> http://www.nabble.com/SSL-Layer-and-Principals-tp25059961p25059961.html
>> Sent from the Grizzly - Users mailing list archive at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe_at_grizzly.dev.java.net
>> For additional commands, e-mail: users-help_at_grizzly.dev.java.net
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_grizzly.dev.java.net
> For additional commands, e-mail: users-help_at_grizzly.dev.java.net
>
>
> 

-- 
View this message in context: http://www.nabble.com/SSL-Layer-and-Principals-tp25059961p25061747.html
Sent from the Grizzly - Users mailing list archive at Nabble.com.
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.