Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/spring/14.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
如何将证书放入X509筛选器(Spring Security)?_Spring_Spring Security_X509certificate - Fatal编程技术网
Fatal编程技术网
  • spring/
  • 如何将证书放入X509筛选器(Spring Security)?

如何将证书放入X509筛选器(Spring Security)?

spring spring-security

如何将证书放入X509筛选器(Spring Security)?,spring,spring-security,x509certificate,Spring,Spring Security,X509certificate,我需要提取的信息不仅仅是证书的CN。目前,我只获得标准的UserDetails loadUserByUsername(字符串arg),其中arg是证书的CN。我需要获取X509Certificate对象。可能吗 关于spring安全xml文件: <x509 subject-principal-regex="CN=(.*?)," user-service-ref="myUserDetailsService" /> 不,你不能那样做。您需要从HttpServletRequest获取它

我需要提取的信息不仅仅是证书的CN。目前,我只获得标准的UserDetails loadUserByUsername(字符串arg),其中arg是证书的CN。我需要获取X509Certificate对象。可能吗

关于spring安全xml文件:

<x509 subject-principal-regex="CN=(.*?),"  user-service-ref="myUserDetailsService" />
不,你不能那样做。您需要从HttpServletRequest获取它:

X509Certificate[] certs = (X509Certificate[])HttpServletRequest.getAttribute("javax.servlet.request.X509Certificate");
还值得注意的是,一旦您被
Spring Security
的内置
X509AuthenticationFilter
授权,因为它已经接受了您的证书,那么您就可以访问
X509Certificate

Object object = SecurityContextHolder.getContext().getAuthentication().getCredentials();
if (object instanceof X509Certificate)
{
    X509Certificate x509Certificate = (X509Certificate) object;
    //convert to bouncycastle if you want
    X509CertificateHolder x509CertificateHolder =
        new X509CertificateHolder(x509Certificate.getEncoded());
    ...
如果打印出
cert[0].toString()
,该证书是否应该以
----开始证书-----..
之类的内容开头,并以
----结束证书-----
结尾?