Been awhile since my last update…

• Been at my internal desk each morning for the past couple weeks submitting requests, setting up my development environment, and doing as much development as possible.
• Acquired PKI certificates for myself and the servers
• Figured out how to configure a tomcat server to use the certs, two-way ssl, and pass the cert along the HTTPRequest
• Wrote a Filter that pulls the certificate off the requests and attempts to validate the user with the central authentication server
• When the user’s credentials come back, the information is stored on the session for future requests and the user is allowed to continue
• If the user is not authorized a generic page stating that fact is shown
• Wrote a simple test servlet that demonstrates this capability
• Deployed the servlet to the integration machine where it is currently working just fine