Skip to main content
A
Anonymous
October 6, 2010
Question

Where is the API for PKI authentication library in ColdFusion 9?

  • October 6, 2010
  • 1 reply
  • 1867 views

Hello,

I have to get PKI/certificates working with our ColdFusion application.  We're using CF9, and evidently there were calls added

to this to help you get the cert, the distinguished name, etc.  So, what I am looking for specifically is where can I read

the API for this?   I need to know the functions, tags, etc that I will be calling in order to get the info I need from the cert.

Thanks!

    This topic has been closed for replies.

    1 reply

    A
    Anonymous
    October 24, 2010

    I was able to find something to try from the forum, although not explained well.  I had to use cfdump to see

    the different methods to use:

    <!---We need to get all of the required fields from the 509 cert and store those in session--->
    <cfset x509 = GetPageContext().getRequest().getAttribute("javax.servlet.request.X509Certificate")>

    <!---Debug prints--->
    <cfdump var=#x509[1].getSubjectDN().getCommonName()#>
    <cfdump var=#x509[1].getIssuerDN().getCommonName()#>
    <cfdump var=#x509[1].getIssuerDN().getOrganization()#>
    <cfdump var=#x509[1].getIssuerDN().getOrganizationalUnit()#>

    I saw some other solutions with cfscript, but that's overkill.  I also find it incredibly STUPID that

    the CGI variables for CERT_SUBJECT, etc, are only available if you use IIS.  Umm, who even

    USES IIS anyway?  People use Apache/Jrun more than anything.  I wasted a lot of time going through

    the CGI and asking questions on other forums about it.

    However, the above method is easy, and works.

    D
    Community Expert
    Dave WattsCommunity Expert
    Community Expert
    October 24, 2010

    IIS is very commonly used for CF application deployment and development. I've been working with CF since version 1.5, and in my experience, IIS is more commonly used than Apache for the clients I've worked with. So, the short answer is, lots of people use IIS.

    That said, CGI variables are often provided by the web server, and not all web servers provide the same CGI variables.

    Dave Watts, CTO, Fig Leaf Software

    http://www.figleaf.com/

    http://training.figleaf.com/

    Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on

    GSA Schedule, and provides the highest caliber vendor-authorized

    instruction at our training centers, online, or onsite.

    Read this before you post:

    http://forums.adobe.com/thread/607238

    Dave Watts, Eidolon LLC
    trubel
    trubel
    Participating Frequently
    January 14, 2013

    I realized it has been a while since the last post.  I don't ahve control of my server or access to CFAdmin.  I think that I need to make a reqeust to or Admins for something to be turned on.  Maybe someone here can help me.

    Here where I work we have PKI's issues and I want to use them to check creditials as the view my site.  I also want to be able to prompte them for their pki password and check that it was correct. 

    When I do a cfdump on  <cfset x509 = GetPageContext().getRequest().getAttribute("javax.servlet.request.X50 9Certificate")>

    I get "undefinted"  Does anything need to be done on the server?

    Terms & ConditionsAccessibility statement
    Using the community Terms of use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices