如何在泽西运行Netty的SSL信息（对等证书）？(How to get SSL info (peer cert) in Jersey running with Netty?)

如何在泽西运行Netty的SSL信息（对等证书）？(How to get SSL info (peer cert) in Jersey running with Netty?)

我正在使用带有Netty的Jersey框架。

我通过SSL客户端证书验证客户端。

我正在尝试为客户端调用实现GET whoami（）方法。 我希望响应中包含用于调用netty服务器的客户端ssl证书中的一些信息。

我想我需要使用某种@Context参数，但是我没能找到进入SSLEngine的方法。

我找到了一个使用Girzzly [1]想要做的事情的例子，但是我没有在netty中找到类似的东西。

您对如何访问客户端SSL详细信息有任何想法吗？ 在Netty中我可以使用哪些Context对象？

更新澄清：我如何从@ GET资源中访问ChannelPipeline？

[1] http://jersey.576304.n2.nabble.com/Context-SecurityContext-not-initialized-with-SSL-client-certs-td7556681.html

I'm using the Jersey framework with Netty.

I am authenticating a client via SSL client-certificate.

I'm trying to implement a GET whoami() method for clients to call. I want the response to include some info from the the client ssl certificate used to call the netty server.

I think I need to use some sort of @Context parameter, but I'm failing to find a way into the SSLEngine.

I found an example of what i want to do using Girzzly[1], but i'm failing to find a similar thing in netty.

Do you have any ideas on how to get access to Client SSL details? What Context objects are available to me in Netty?

Update Clarification: How might i get access to the ChannelPipeline from inside my @ GET resource?

[1]http://jersey.576304.n2.nabble.com/Context-SecurityContext-not-initialized-with-SSL-client-certs-td7556681.html

最满意答案

获取SSLEngine取决于您在Netty中初始化ChannelPipeline的方式。 一种常见的模式是将SslHandler插入到管道中，如本例所示 。 这是一个单元测试 ，您可以在其中明确地看到SSLEngine被SslHandler包装并插入到管道中。 一旦了解了管道的配置方式，就可以按类型或名称使用ChannelPipeline.get（...）从管道中获取元素。

有关更具体的答案，您必须提供有关配置的更多详细信息。 我不熟悉您的设置，Netty和Jersey如何交互，或者Netty接口对您的访问方式。

Getting the SSLEngine depends upon how your ChannelPipeline is initialized in Netty. One common pattern is to insert a SslHandler into the pipeline like in this example. Here is a unit test where you can explicitly see the SSLEngine being wrapped by a SslHandler and inserted into the pipeline. Once you know how your pipeline is configured you can get elements from the pipeline using ChannelPipeline.get(...) by type or by name.

For a more specific answer you will have to provide more details about your configuration. I'm not familiar with your setup, how Netty and Jersey are interacting, or how accessible Netty's interfaces are to you.