我需要提取更多信息,而不仅仅是证书的 CN。目前,我只得到标准的 UserDetails loadUserByUsername(String arg) 其中 arg 是证书的 CN。我需要获取 X509Certificate 对象。可能吗?
在 Spring Security xml 文件中:
<x509 subject-principal-regex="CN=(.*?)," user-service-ref="myUserDetailsService" />
问问题
11138 次
2 回答
4
不,你不能那样做。您需要从 HttpServletRequest 中获取它:
X509Certificate[] certs = (X509Certificate[])HttpServletRequest.getAttribute("javax.servlet.request.X509Certificate");
于 2009-07-09T14:49:22.860 回答
1
还值得注意的是,一旦您获得了内置 as 的授权,X509AuthenticationFilter它Spring Security已经接受了您的证书,那么您就可以访问X509Certificateas
Object object = SecurityContextHolder.getContext().getAuthentication().getCredentials();
if (object instanceof X509Certificate)
{
X509Certificate x509Certificate = (X509Certificate) object;
//convert to bouncycastle if you want
X509CertificateHolder x509CertificateHolder =
new X509CertificateHolder(x509Certificate.getEncoded());
...
于 2014-11-10T13:29:59.507 回答