logging a missing/invalid x509 cert?

**sbirnie** · Feb 19th, 2008, 10:18 AM

I'm using acegi to front end a web service, and I'm requiring a cert by using the XwsSecurityInterceptor.

Is there a way to catch when the cert is invalid or not in the trust store so I can log that somewhere?

**sbirnie** · Feb 21st, 2008, 08:29 AM

Hoping a bump will get some more views and an answer,

Along the same line, I'd like to be able to log the IP address from the incoming request if something in the endpoint fails. Is there a way to get the request information?

**Arjen Poutsma** · Feb 26th, 2008, 09:36 AM

Originally Posted by sbirnie

I'm using acegi to front end a web service, and I'm requiring a cert by using the XwsSecurityInterceptor.

Is there a way to catch when the cert is invalid or not in the trust store so I can log that somewhere?

Well, you can override the KeyStoreCallbackhandler, and do the appropriate logging where you want.

**Arjen Poutsma** · Feb 26th, 2008, 09:37 AM

Originally Posted by sbirnie

Hoping a bump will get some more views and an answer,

Along the same line, I'd like to be able to log the IP address from the incoming request if something in the endpoint fails. Is there a way to get the request information?

You can always get a reference to the current transport connection from the TransportContextHolder, as explained in the reference docs. See http://static.springframework.org/sp...nsport-context

Thread: logging a missing/invalid x509 cert?

Thread Tools

Display

logging a missing/invalid x509 cert?

Posting Permissions