Retrieving technical and security information about an HTTP request

An application can obtain information about the TCP/IP environment for an HTTP request, including the security options that are in use, and about a client certificate that has been provided by a Web client.

CICS® manages the TCP/IP connection between a Web client and server, applies appropriate security measures, and manages the process of authenticating a Web client's identity. The actions taken by CICS for each connection are determined by the options you set in the TCPIPSERVICE definition for the port on which the Web client's request is received. A user-written application can examine information obtained by this process, if this is useful for determining how to process the request. For example, you can obtain the host name and IP address of the Web client that sent the HTTP request, or check the level of security and encryption for the connection.

The EXTRACT TCPIP command provides information about the TCP/IP connection, and about security options specified in the TCPIPSERVICE definition. The EXTRACT CERTIFICATE command provides information taken from any X.509 client certificate that was received from the Web client during a Secure Sockets Layer (SSL) handshake. The CICS Application Programming Reference has full reference information and descriptions of the options available on these commands.