- marked as minor
JakartaServletUtils should check for x509 certificate in request attribute jakarta.servlet.request.X509Certificate
Issue #437
resolved
Maybe JakartaServletUtils should first check jakarta.servlet.request.X509Certificate for certificate and if not found it could check javax.servlet.request.X509Certificate?
Comments (5)
-
reporter -
- changed status to open
Thanks for the report
-
- changed status to resolved
Fixed here: f4f11d20c7ef4334e8444a38dc7ad4cc53997514
-
Released as
version 10.15 (2023-09-14) * Deprecates DefaultRPMetadataPolicyFactory, explicit client registration in OpenID Connect Federation 1.0 no longer uses metadata policies in the explicit client registration response. * The JakartaServletUtils.extractClientX509Certificate must use the "jakarta.servlet.request.X509Certificate" servlet attribute to obtain the client X509Certificate chain (iss #437).
Happy coding
-
reporter Fantastic support! Thank you very much
- Log in to comment