2 Replies Latest reply on Jul 20, 2012 3:53 AM by mchenderson

    Find Client SSL Certificate for a given Invocation?

    mchenderson

      I am using JBoss 4.2.3 and am invoking a certificate-based login service over an SSL connection.

       

      The client provides a certificate when setting up the SSL connection and it is supposed to provide the same certificate as an argument to the login service.

       

      My difficulty is that I cannot see a way to determine from an invocation received by the server which SSL socket was the source of that invocation. This means I have no way to check whether the certificate that was given by the client to set up the SSL connection is the same one as is passed to the login invocation.

       

      Has anyone tackled this kind of problem before? Did you find a solution?

       

      Thanks in advance.

       

      Michelle.

        • 1. Re: Find Client SSL Certificate for a given Invocation?
          ron_sigal

          Hi Michelle,

           

          Sorry for the delay.

           

          There is a way to access sockets by registering a socket creation listener. See Section 5.4.1.3 "Socket creation listeners" of the Remoting Guide: http://docs.jboss.org/jbossremoting/2.5.4.SP3/guide/html/.

           

          Hope that helps.

           

          -Ron

          1 of 1 people found this helpful
          • 2. Re: Find Client SSL Certificate for a given Invocation?
            mchenderson

            Hi Ron,

             

            Thank you for your reply.

             

            We have already tried using a handshake complete listener to check the certificate offered by a client during SSL handshake. Nevertheless, we cannot see a way to determine which SSL connection is the source of an invocation received by the server. This does not seem to be an issue for later versions of JBoss Remoting because we could then use invocationRequest.getRequestPayload().get(Remoting.CLIENT_ADDRESS).

             

            We do anticipate upgrading to a later version of JBoss in the near future, so perhaps we will need to revisit this problem when that upgrade is complete.

             

            Kind regards,

             

            Michelle.
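
The correlation discussed in this thread, as an added example that is not part of the original posts and not JBoss Remoting code: a JSSE handshake listener records which client certificates were presented from which address, and the login service checks the certificate argument against that record. The class name `PeerCertRegistry` is hypothetical; attaching the listener to the server's SSL sockets and obtaining the invocation's client address as an `InetAddress` are assumptions.

```java
import java.net.InetAddress;
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.cert.Certificate;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import java.util.concurrent.CopyOnWriteArraySet;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLPeerUnverifiedException;

/** Hypothetical helper: tracks client certificates seen per remote address. */
public class PeerCertRegistry implements HandshakeCompletedListener {
    // remote address -> SHA-256 fingerprints of leaf certificates presented from it
    private final ConcurrentMap<InetAddress, Set<String>> seen =
            new ConcurrentHashMap<InetAddress, Set<String>>();

    // Invoked by JSSE when the handshake on a server-side SSLSocket completes.
    public void handshakeCompleted(HandshakeCompletedEvent event) {
        try {
            Certificate leaf = event.getPeerCertificates()[0];
            InetAddress peer = event.getSocket().getInetAddress();
            Set<String> fresh = new CopyOnWriteArraySet<String>();
            Set<String> known = seen.putIfAbsent(peer, fresh);
            (known != null ? known : fresh).add(fingerprint(leaf));
        } catch (SSLPeerUnverifiedException e) {
            // Client presented no certificate: nothing to record, login must fail.
        } catch (GeneralSecurityException e) {
            throw new IllegalStateException(e);
        }
    }

    // Called by the login service: was the claimed certificate presented
    // in a handshake from the address this invocation came from?
    public boolean presentedFrom(InetAddress client, Certificate claimed)
            throws GeneralSecurityException {
        Set<String> known = seen.get(client);
        return known != null && known.contains(fingerprint(claimed));
    }

    // Call when the client's connections close so stale entries cannot match.
    public void forget(InetAddress client) { seen.remove(client); }

    static String fingerprint(Certificate cert) throws GeneralSecurityException {
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(cert.getEncoded());
        StringBuilder hex = new StringBuilder();
        for (byte b : digest) hex.append(String.format("%02x", b));
        return hex.toString();
    }
}
```

Keying on the address alone cannot tell apart two connections from the same host or NAT, so a match shows only that the certificate was presented in some handshake from that address, not on the exact socket that carried the invocation.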