如何將證書放入X509過濾器（Spring Security）？

我需要提取更多的信息，而不僅僅是證書的CN。目前，我只獲得標準的UserDetails loadUserByUsername（String arg），其中arg是證書的CN。我需要獲取X509Certificate對象。可能嗎？如何將證書放入X509過濾器（Spring Security）？

春安全XML文件：

<x509 subject-principal-regex="CN=(.*?)," user-service-ref="myUserDetailsService" />

來源

2009-07-09 imambenjol

不，你不能得到它的方式。您需要將來自HttpServletRequest抓住它：

X509Certificate[] certs = (X509Certificate[])HttpServletRequest.getAttribute("javax.servlet.request.X509Certificate");

來源

2009-07-09 14:49:22 Gandalf

如果你打印出'cert [0] .toString（）'，那麼證書應該以'---- BEGIN CERTIFICATE ---- ....'開頭，最後是---- ---- END CERTIFICATE -----'？ – 2013-05-09 18:46:28

還值得一提的是，一旦你被授權內置的Spring SecurityX509AuthenticationFilter，因爲它已經接受了你的證書，那麼你就可以訪問X509Certificate爲

Object object = SecurityContextHolder.getContext().getAuthentication().getCredentials(); 
if (object instanceof X509Certificate) 
{ 
    X509Certificate x509Certificate = (X509Certificate) object; 
    //convert to bouncycastle if you want 
    X509CertificateHolder x509CertificateHolder = 
     new X509CertificateHolder(x509Certificate.getEncoded()); 
    ...

來源

如何將證書放入X509過濾器（Spring Security）？

回答

相關問題