// This may look like C code, but it's really -*- C++ -*-
/*
 * Copyright (C) 2012 Emweb bv, Herent, Belgium.
 *
 * See the LICENSE file for terms of use.
 */
#ifndef WT_WSSL_INFO_H_
#define WT_WSSL_INFO_H_

#include <Wt/WDllDefs.h>
#include <Wt/WSslCertificate.h>
#include <Wt/WValidator.h>

#include <string>
#include <vector>

#ifndef WT_TARGET_JAVA

namespace Wt {

/*! \class WSslInfo Wt/WSslInfo.h Wt/WSslInfo.h
 *  \brief Provides SSL information about the current session.
 *
 * A read-only view of the SSL details of the current session, as
 * returned by WEnvironment::sslInfo().
 *
 * Its main use is to give access to the client certificate that was
 * presented during the https handshake to authenticate the SSL
 * session, together with the outcome of the verification that the
 * connector (FCGI, ISAPI, the built-in webserver, ...) performed.
 *
 * Verification and acceptance of the certificate are configured in
 * the web server (built-in httpd, Apache, IIS, ...), not in this class.
 *
 * \note Security: when WEnvironment::sslInfo() returns a WSslInfo
 * object, the client certificate has only passed whatever checks the
 * web server was configured to apply. That does not mean the
 * certificate is valid: depending on the web server configuration the
 * check may be weak. Always inspect clientVerificationResult() and
 * confirm it reports a valid state before using the certificate for
 * an authentication or authorization decision.
 *
 * This class is only available when %Wt was compiled with SSL support.
 */
class WT_API WSslInfo
{
public:
  /*
   * Instances are normally created by the library itself, so this
   * constructor is not considered public API.
   */
  WSslInfo(const WSslCertificate &clientCertificate,
           const std::vector<WSslCertificate> &clientCertificateChain,
           WValidator::Result clientVerificationResult);

  /*! \brief Returns the certificate used by the client for authentication.
   *
   * \note The certificate contents are supplied by the client. Check
   * clientVerificationResult() before trusting any of its fields.
   */
  const WSslCertificate &clientCertificate() const
  {
    return clientCertificate_;
  }

  /*! \brief Returns the certificate chain used for client authentication.
   *
   * Despite the name, the elements are WSslCertificate objects.
   *
   * Warning: for the ISAPI connector, the certificate chain will always
   * be empty, so callers that inspect the chain must handle an empty
   * vector.
   */
  const std::vector<WSslCertificate> &clientPemCertificateChain() const
  {
    return clientCertificateChain_;
  }

  /*! \brief Returns the result of the client certificate verification.
   *
   * WSslInfo (and thus %Wt) does not perform any validation itself:
   * that task is entirely up to the web server, and this class merely
   * relays the status the web server reported. The result is therefore
   * only as strong as the web server's verification configuration.
   */
  WValidator::Result clientVerificationResult() const
  {
    return clientVerificationResult_;
  }

private:
  // Values handed to the constructor by the connector; exposed through
  // the accessors above.
  WSslCertificate clientCertificate_;
  std::vector<WSslCertificate> clientCertificateChain_;
  WValidator::Result clientVerificationResult_;

  // Declared only; defined elsewhere. Presumably a debugger helper,
  // judging by the name -- confirm against the implementation file.
  std::string gdb() const;
};

} // namespace Wt

#endif // WT_TARGET_JAVA

#endif // WT_WSSL_INFO_H_