diff --git a/config/client_certificate_mapper.yml b/config/client_certificate_mapper.yml index a306eaba03..e32fbedc82 100644 --- a/config/client_certificate_mapper.yml +++ b/config/client_certificate_mapper.yml @@ -15,5 +15,7 @@ # Container security provider configuration --- -version: 1.+ -repository_root: "{default.repository.root}/client-certificate-mapper" +version: 2.+ +version_lines: + - 2.+ +repository_root: "{default.repository.root}/client-certificate-mapper" \ No newline at end of file diff --git a/docs/framework-client_certificate_mapper.md b/docs/framework-client_certificate_mapper.md index 1927985803..5d3852b5a6 100644 --- a/docs/framework-client_certificate_mapper.md +++ b/docs/framework-client_certificate_mapper.md @@ -1,5 +1,7 @@ # Client Certificate Mapper -The Client Certificate Mapper Framework adds a Servlet Filter to applications that will that maps the `X-Forwarded-Client-Cert` to the `javax.servlet.request.X509Certificate` Servlet attribute. +The Client Certificate Mapper Framework adds a Servlet Filter to applications that will that maps the `X-Forwarded-Client-Cert` to the `javax|jakarta.servlet.request.X509Certificate` Servlet attribute. + +The Client Certificate Mapper Framework will download a helper library, [java-buildpack-client-certificate-mapper][library repository], that will enrich Spring Boot (2 and 3), as well as JEE / JakartaEE applications classpath with a servlet filter. @@ -18,10 +20,10 @@ For general information on configuring the buildpack, including how to specify c The framework can be configured by modifying the [`config/client_certificate_mapper.yml`][] file in the buildpack fork. The framework uses the [`Repository` utility support][repositories] and so it supports the [version syntax][] defined there. -| Name | Description -| ---- | ----------- +| Name | Description +|-------------------| ----------- | `repository_root` | The URL of the Container Customizer repository index ([details][repositories]). -| `version` | The version of Container Customizer to use. Candidate versions can be found in [this listing][]. +| `version` | The version of Container Customizer to use. Candidate versions can be found in [this listing][]. ## Servlet Filter The [Servlet Filter][] added by this framework maps the `X-Forwarded-Client-Cert` to the `javax.servlet.request.X509Certificate` Servlet attribute for each request. The `X-Forwarded-Client-Cert` header is contributed by the Cloud Foundry Router and contains the any TLS certificate presented by a client for mututal TLS authentication. This certificate can then be used by any standard Java security framework to establish authentication and authorization for a request. @@ -32,3 +34,4 @@ The [Servlet Filter][] added by this framework maps the `X-Forwarded-Client-Cert [Servlet Filter]: https://github.com/cloudfoundry/java-buildpack-client-certificate-mapper [this listing]: http://download.pivotal.io.s3.amazonaws.com/container-security-provider/index.yml [version syntax]: extending-repositories.md#version-syntax-and-ordering +[library repository]: https://github.com:cloudfoundry/java-buildpack-client-certificate-mapper.git