If a request has been transmitted over a secure protocol, such as HTTPS, this information must be exposed via the isSecure method of the ServletRequest interface. In servlet containers that are running in a Java 2 Standard Edition, v1.2 or Java 2 Enterprise Edition, v1.2 environment, if there is an SSL certificate associated with the request, it must be exposed to the servlet programmer as an array of objects of type java.security.cert.X509Certificate and accessible via a ServletRe quest attribute of javax.servlet.request.X509Certificate . For a servlet container that is not running in a Java2 Standard Edition 1.2 environment, vendors may provide vendor specific request attributes to access SSL certificate information. |