Hi
I have followed all the instructions on this discussion, and i´m still
getting the error:
HTTP Status 400 - No client certificate chain in this request
Does the user cert that i´m using need to be "trusted" by cert of tomcat sever?
I´m using Apache Tomcat/5.5.15, on Win Xp Pro SP2
I have g
Markus wrote:
> Ok, I just submitted the bugs #38553 and #38555 for both issues. If
> you need more information, please let me know via bugzilla.
5.5.x CLIENT-CERT shoudl work with all realms. 5.0.x - don't hold your
breath.
Mark
-
Ok, I just submitted the bugs #38553 and #38555 for both issues. If
you need more information, please let me know via bugzilla.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Markus wrote:
> Mark:
> Thank you for your link to the archive. It was my fault using the
> UserDatabase realm
> instead of the MemoryRealm. I'm, using tomcat 5.0.28 - is it still the
> case in 5.5.x
> that you MUST use the MemoryRealm for clientcert authentication?
All realms should work with CLI
Mark:
Thank you for your link to the archive. It was my fault using the
UserDatabase realm
instead of the MemoryRealm. I'm, using tomcat 5.0.28 - is it still the
case in 5.5.x
that you MUST use the MemoryRealm for clientcert authentication?
Anyway, there is still an issue when trying to access a r
Markus a écrit :
>Ok, when I set clientAuth to "want" the "Exception getting SSL Cert"
>goes away. (Wtf is this documented?).
>
Yes it is documented:
http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html
Section 'Edit the Tomcat Configuration File'
> But I still get the 403 - Access
>denied erro
Markus wrote:
> Ok, when I set clientAuth to "want" the "Exception getting SSL Cert"
> goes away. (Wtf is this documented?). But I still get the 403 - Access
> denied error.
If you specify a user-data-constraint, you don't need to specify
clientAuth in the connector.
> As username I used exactly t
Ok, when I set clientAuth to "want" the "Exception getting SSL Cert"
goes away. (Wtf is this documented?). But I still get the 403 - Access
denied error.
Here is how I added the users certificate to my realm:
web.xml:
/html/*
Markus wrote:
> Setting clientAuth to true / false in the Connector configuration
> works fine, but how do I configure client authenticaton on a
> per-directory or even per-servlet basis?
> And here are the results I get:
>
> https://domain/anypage : OK
> https://domain/html/anypage : HTTP Stat
Hi
Yes, it is possible. From connector configuration doc:
clientAuth:
Set this value to true if you want Tomcat to require all SSL clients to
present a client Certificate in order to use this socket.
Set this value to want if you want Tomcat to request a client Certificate,
but not fail if
Creating client certs is no problem, I already had client
authentication working on the Connector-Level.
Nick:
In other words: it is NOT possible in tomcat to have a webapp with
BOTH, a private part with ssl AND client authentication and a public
part with ssl but WITHOUT client authentication?
T
: Wednesday, February 01, 2006 9:22 AM
To: Tomcat Users List
Subject: Re: Tomcat and client certificates
Setting clientAuth to true / false in the Connector configuration
works fine, but how do I configure client authenticaton on a
per-directory or even per-servlet basis?
This is my current configuration
Setting clientAuth to true / false in the Connector configuration
works fine, but how do I configure client authenticaton on a
per-directory or even per-servlet basis?
This is my current configuration:
In server.xml:
In web.xml:
/html/*
Tom Bednarz wrote:
> Is it possible to run on the same container (instance of Tomcat) web
> application that DO require certificates and other applications that do
> NOT require certificates?
Just specify
CLIENT-CERT
in web.xml. Assuming of course that you have a security constraint
tha
> From: Tom Bednarz [mailto:[EMAIL PROTECTED]
> Subject: Tomcat and client certificates
>
> If that is not possible, I need two servers, each running
> an instance of Tomcat with different server.xml settings.
I haven't tried it, but I would think all you need is two se
Is it possible to run on the same container (instance of Tomcat) web
application that DO require certificates and other applications that do
NOT require certificates?
To define required client certificate authorization one needs to define
in SERVER.XML
="org.apache.coyote.tomcat4.CoyoteSer
16 matches
Mail list logo
