[question]How do I access the http request from within a XMLRPC::WEBrickServlet?

[jro]

--e5bfZ/T2xnjpUIbw
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable


I've been working with xmlrpc4r and webrick recently, and things have gone
swimmingly for the most part. I'm able to to communicate back and forth ov=
er
ssl, authenticating with client and server ssl certificates signed by our C=
A. =20
But, what I need next is some way for the server to know which client is=20
attached to it. =20

I was hoping that I could get down to the cert from within the=20
XMLRPC::WEBrickServlet handlers, but I'm not having much luck? Any info ab=
out
how to dig down the request from within the handler would be great. If any=
one
has any suggestions on how better to do this, I'd be all ears. But I do n=
eed
the server to be deciding who's connected to it, not the client telling the
server who it is.

Thanks!

-jason

--e5bfZ/T2xnjpUIbw
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDdQDEw2QEY5tkPw0RArkZAJ9q4bdwtJXqXGFIQglXuoxklsRTUgCggKex
Paj6cDbdfSPJZP2HBDaAsPE=
=0hma
-----END PGP SIGNATURE-----

--e5bfZ/T2xnjpUIbw--

 

[Adam Keys]

I've been working with xmlrpc4r and webrick recently, and things
have gone
swimmingly for the most part. I'm able to to communicate back and
forth over
ssl, authenticating with client and server ssl certificates signed
by our CA.
But, what I need next is some way for the server to know which
client is
attached to it.

I was hoping that I could get down to the cert from within the
XMLRPC::WEBrickServlet handlers, but I'm not having much luck? Any
info about
how to dig down the request from within the handler would be
great. If anyone
has any suggestions on how better to do this, I'd be all ears.
But I do need
the server to be deciding who's connected to it, not the client
telling the
server who it is.

Here's how I get at the request and response objects in xmlrpc4r.

---
class MyServlet < XMLRPC::WEBrickServlet
def service(request, response)
# do whatever I want with the request
super
# do whatever I want with the response
end
end
---

The call to #super will invoke whatever handlers you've added to your
servlet. Its not quite what you're looking for, but hopefully its a
start. Maybe you could put the relevant certificate information in
an instance variable from #service and then revisit it in your handler?

HTH,

 

[jro]

--yiup30KVCQiHUZFC
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Here's how I get at the request and response objects in xmlrpc4r.
=20
---
class MyServlet < XMLRPC::WEBrickServlet
def service(request, response)
# do whatever I want with the request
super
# do whatever I want with the response
end
end
---
=20
The call to #super will invoke whatever handlers you've added to your =20
servlet. Its not quite what you're looking for, but hopefully its a =20
start. Maybe you could put the relevant certificate information in =20
an instance variable from #service and then revisit it in your handler?

Thanks for the tip, it has put me one step closer to my goal. I can gather
info about the certificate in the service method, but I haven't figured out
how to pass it into the handler..=20

class MyServlet < XMLRPC::WEBrickServlet
def service(request, response)
@client_cert_subject=3Drequest.client_cert.subject
puts client_cert_subject # this works
super
end
end

servlet =3D MyServlet.new

something =3D SomeObject.new=20

servlet.add_handler("something.do_something") do
puts @client_cert_summary # this prints "nil"
something.do_something
end

And also if I "puts self.inspect" inside the add_handler block, I get "main=
".
Which wasn't quite what I expected. =20

-jason

--yiup30KVCQiHUZFC
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFDeMt4w2QEY5tkPw0RAqldAJwI4ifpiw6g1TJ2M0G7vBC0TeBKzwCeLhS7
VamGLaUnEU1uV9jUhdX6WT8=
=uCTY
-----END PGP SIGNATURE-----

--yiup30KVCQiHUZFC--