Sun Java System Web Server 7.0 Update 1 Developer's Guide to Java Web Applications

Fetching the Client Certificate

When you enable SSL and require client certificate authorization, your servlets have access to the client certificate as shown in the following example:


if (request.isSecure()) {
         java.security.cert.X509Certificate[] certs;
         certs = request.getAttribute("javax.servlet.request.X509Certificate");
        if (certs != null) {
            clientCert = certs[0];
            if (clientCert != null) {
               // Get the Distinguised Name for the user.
               java.security.Principal userDN = clientCert.getSubjectDN();
               ...
            }
         }
      }

      

The userDn is the fully qualified distinguished name for the user.