jetty_gwt_ssl
Steps to get GWT + SSL + Jetty running:
1) Set up Jetty with SSL support. This means creating a keystore with the server's self-signed key (for testing only) and a truststore containing the CAs that signed your own cert (e.g., if you use a CAC card, the CAs that validate your CAC).
2) Edit etc/jetty-https.xml with the information needed to access the keystore and truststore.
3) Start Jetty with SSL support: java -jar start.jar etc/jetty-https.xml
4) Have the client (the front-end GWT GUI) call your servlet, which extracts the client certificate:
    // Goes inside a method of your GWT RemoteServiceServlet subclass.
    // Requires: import java.security.cert.X509Certificate;
    X509Certificate[] certs = (X509Certificate[]) getThreadLocalRequest()
            .getAttribute("javax.servlet.request.X509Certificate");
    if (certs != null) {
        // The container exposes the chain the client presented during the handshake.
        for (int i = 0; i < certs.length; i++) {
            System.out.println("Client Certificate [" + i + "] = " + certs[i].toString());
        }
    } else {
        if ("https".equals(getThreadLocalRequest().getScheme())) {
            System.out.println("This was an HTTPS request, " + "but no client certificate is available");
        } else {
            System.out.println("This was not an HTTPS request, " + "so no client certificate is available");
        }
    }
5) If you want to test this from GWT/Eclipse, you need to run the web application on a remote server: choose Debug As (Web Application running on remote server) and enter the server's information (e.g., https://localhost:8443/webapp/webapp.html).
For how to set up Jetty with SSL, see: http://wiki.eclipse.org/Jetty/Howto/Configure_SSL
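The snippet in step 4 only prints the chain; to act on it, the servlet needs the caller's identity from the certificate. The following is an added example, not code from the original page: a helper (the names ClientCertIdentity and commonName are made up for illustration) that takes the array read from the request attribute, checks the validity dates of the client's own certificate and returns its subject CN. It uses only the JDK and assumes Java 7 or later.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;
import javax.naming.ldap.Rdn;

// Hypothetical helper class, not part of Jetty or GWT.
public class ClientCertIdentity {

    /**
     * Returns the CN of the client's own certificate. The servlet container
     * puts that certificate first in the chain. Throws SecurityException
     * when no usable certificate is present, so callers fail closed.
     */
    public static String commonName(X509Certificate[] chain) {
        if (chain == null || chain.length == 0) {
            throw new SecurityException("no client certificate presented");
        }
        X509Certificate leaf = chain[0];
        try {
            leaf.checkValidity(); // rejects expired and not-yet-valid certificates
            // getName() returns an RFC 2253 string, which LdapName can parse.
            LdapName dn = new LdapName(leaf.getSubjectX500Principal().getName());
            for (Rdn rdn : dn.getRdns()) {
                if ("CN".equalsIgnoreCase(rdn.getType())) {
                    return rdn.getValue().toString();
                }
            }
        } catch (CertificateException | InvalidNameException e) {
            throw new SecurityException("unusable client certificate", e);
        }
        throw new SecurityException("client certificate has no CN");
    }

    // Stand-alone check against a PEM or DER file: java ClientCertIdentity client.pem
    public static void main(String[] args) throws Exception {
        try (InputStream in = new FileInputStream(args[0])) {
            X509Certificate cert = (X509Certificate)
                    CertificateFactory.getInstance("X.509").generateCertificate(in);
            System.out.println(commonName(new X509Certificate[] { cert }));
        }
    }
}
```

In the servlet, pass the `certs` array from step 4 to `commonName` and treat a SecurityException as a denied request.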
UPDATE:
On newer Jetty versions, the etc/jetty.xml file must be modified to include:
<Call name="addConnector">
  <Arg>
    <New class="org.eclipse.jetty.server.ssl.SslSelectChannelConnector">
      <Arg>
        <New class="org.eclipse.jetty.http.ssl.SslContextFactory">
          <Set name="keyStore"><SystemProperty name="jetty.home" default="."/>/etc/keystore</Set>
          <Set name="keyStorePassword">password</Set>
          <Set name="keyManagerPassword">password</Set>
          <Set name="trustStore"><SystemProperty name="jetty.home" default="."/>/etc/truststore</Set>
          <Set name="trustStorePassword">storepassword</Set>
          <Set name="NeedClientAuth">true</Set>
        </New>
      </Arg>
      <Set name="port">8443</Set>
      <Set name="maxIdleTime">30000</Set>
    </New>
  </Arg>
</Call>
Then invoke via: java -jar start.jar