6

I need to extract more information than just the CN of the certificate. Currently, I only get the standard UserDetails loadUserByUsername(String arg) where arg is the CN of the certificate. I need to get the X509Certificate object. Is it possible?

on spring security xml file :

<x509 subject-principal-regex="CN=(.*?)," user-service-ref="myUserDetailsService" />
Improve this question

2 Answers 2

Reset to default
6

No you can't get it that way. You need to grab it from the HttpServletRequest:

X509Certificate[] certs = (X509Certificate[])HttpServletRequest.getAttribute("javax.servlet.request.X509Certificate");
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

If you print out cert[0].toString(), should the cert begin with something like ---- BEGIN CERTIFICATE ---- .... and end with ---- END CERTIFICATE -----?
1

It is also worth noting that once you are authorized by the in-built X509AuthenticationFilter of Spring Security as it has accepted your certificate, then you can access the X509Certificate as 

Object object = SecurityContextHolder.getContext().getAuthentication().getCredentials(); if (object instanceof X509Certificate) { X509Certificate x509Certificate = (X509Certificate) object; //convert to bouncycastle if you want X509CertificateHolder x509CertificateHolder = new X509CertificateHolder(x509Certificate.getEncoded()); ...
Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.