Wt
3.7.1
|
Provides SSL information about the current session. More...
#include <Wt/WSslInfo.C>
Public Member Functions | |
const WSslCertificate & | clientCertificate () const |
Returns the certificate used by the client for authentication. | |
const std::vector< WSslCertificate > & | clientPemCertificateChain () const |
Returns the certificate chain used for client authentication. More... | |
WValidator::Result | clientVerificationResult () const |
Returns the result of the client certificate verification. More... | |
Provides SSL information about the current session.
This class provides an interface to the SSL information related to the current session. This class is returned by WEnvironment::sslInfo().
Probably the most important use of this class is that it provides access to the client certificate which was presented by the client during an https handshake to authenticate the SSL session. This class collects the information on the verification that was performed by the connector (FCGI, ISAPI, the built-in webserver, ...) and presents it to the application programmer.
The verification and the acceptance of the certificate has to be configured in the web server (built-in httpd, Apache, IIS, ...). When WEnvironment::sslInfo() returns a WSslInfo object, this means that the client verification has already passed the verification procedures in the webserver. This does not mean that the certificate is valid; depending on the configuration of your web server, this verification may be weak. Always check the verification result with clientVerificationResult().
This class is only available when Wt was compiled with SSL support.
const std::vector<WSslCertificate>& Wt::WSslInfo::clientPemCertificateChain | ( | ) | const |
Returns the certificate chain used for client authentication.
Warning: for the ISAPI connector, the certificate chain will always be empty.
WValidator::Result Wt::WSslInfo::clientVerificationResult | ( | ) | const |