0
我在Tomcat服务器上运行的Spring-Boot中实现了一个REST API,这个REST API调用在另一个Tomcat服务器上运行的另一个Spring REST API。两个Web应用程序都需要客户端证书进行身份验在进行REST调用时,如何将客户端证书信息从app1传递给app2?目前在APP1的REST调用看起来是这样的:通过HttpUriRequest传递X509Certificate信息
@RequestMapping("/logintest")
@ResponseBody
ResponseEntity<String> logintest(HttpServletRequest request) {
// Let's try and login.
HttpUriRequest loginRequest = new HttpGet("http://localhost:8080/app2/login/")
request.setAttribute(X509_CERT_ATTRIBUTE,
request.getAttribute("javax.servlet.request.X509Certificate"))
HttpClient httpClient = new DefaultHttpClient()
HttpResponse response = httpClient.execute(cdpeRequest)
}
然而,这似乎并没有传递证书信息,以APP 2。当app2尝试解析证书信息以进行身份验证时,它会返回null。
应用2在做以下操作,从请求中提取客户端证书:
X509Certificate[] certs = (X509Certificate[]) request.getAttribute("javax.servlet.request.X509Certificate");