users@jersey.java.net

[Jersey] Server-side access control using client's X509 certificate DN

From: John MacAuley <john_at_blackacorn.ca>
Date: Wed, 18 Mar 2015 00:35:01 -0400

Peoples,

I using JAX-RS with Jersey 2.17 and Grizzly as my HTTP server. I have client authentication configured and working, however, I am attempting to implement access control on the client's X.509 certificate DN. This will give me equivalent capabilities to what I have with Apache httpd and FakeBasicAuth configured.

I have attempted to use a ContainerRequestFilter but can seem to find a way to get a reference to the client's DN associated with the TLS session. Can someone show me a way to get access to the certificate with the ContainerRequestFilter or any other mechanism for achieving the same end goal?

Thank you!
John