import java.io.File;
import java.io.IOException;
import java.io.InputStream;
+import java.net.URLDecoder;
+import java.nio.charset.StandardCharsets;
import java.nio.file.StandardCopyOption;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
try {
String certHeader = ((HttpServletRequest) request).getHeader("X-SSL-Cert");
if (certHeader != null) {
-
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
X509Certificate cert = (X509Certificate) certificateFactory
- .generateCertificate(new ByteArrayInputStream(certHeader.getBytes()));
- request.setAttribute("javax.servlet.request.X509Certificate", cert);
-
+ .generateCertificate(new ByteArrayInputStream(
+ URLDecoder.decode(certHeader, StandardCharsets.UTF_8.toString()).getBytes()));
+ X509Certificate[] certifArray = ((X509Certificate[]) request
+ .getAttribute("javax.servlet.request.X509Certificate"));
+ if (certifArray == null) {
+ certifArray = new X509Certificate[] { cert };
+ request.setAttribute("javax.servlet.request.X509Certificate", certifArray);
+ } else {
+ certifArray[0] = cert;
+ }
}
+
} catch (CertificateException e) {
logger.error("Unable to inject the X.509 certificate", e);
}
Code Review / clamp.git / blobdiff