1. 首页
  2. 问答
  3. 如何将证书放入X509过滤器(Spring Security)?

如何将证书放入X509过滤器(Spring Security)?

2009-07-09 115 views
1

我需要提取更多的信息,而不仅仅是证书的CN。目前,我只获得标准的UserDetails loadUserByUsername(String arg),其中arg是证书的CN。我需要获取X509Certificate对象。可能吗?如何将证书放入X509过滤器(Spring Security)?

春安全XML文件:

<x509 subject-principal-regex="CN=(.*?)," user-service-ref="myUserDetailsService" />

来源

2009-07-09 imambenjol

回答

2

不,你不能得到它的方式。您需要将来自HttpServletRequest抓住它:

X509Certificate[] certs = (X509Certificate[])HttpServletRequest.getAttribute("javax.servlet.request.X509Certificate");

来源

2009-07-09 14:49:22 Gandalf

+0

如果你打印出'cert [0] .toString()',那么证书应该以'---- BEGIN CERTIFICATE ---- ....'开头,最后是---- ---- END CERTIFICATE -----'? – 2013-05-09 18:46:28

0

还值得一提的是,一旦你被授权内置的Spring SecurityX509AuthenticationFilter,因为它已经接受了你的证书,那么你就可以访问X509Certificate

Object object = SecurityContextHolder.getContext().getAuthentication().getCredentials(); 
if (object instanceof X509Certificate) 
{ 
    X509Certificate x509Certificate = (X509Certificate) object; 
    //convert to bouncycastle if you want 
    X509CertificateHolder x509CertificateHolder = 
     new X509CertificateHolder(x509Certificate.getEncoded()); 
    ...

来源

2014-11-10 13:29:59 EpicPandaForce

相关问题

 相关问题