getting client DN in axis

2005-08-24 Thread Tuan Anh Nguyen 
I want to get client DN out of the public key certificate after mutual
authentication with tomcat in axis application.
Please help.

Thanks in advance,
Tuan Anh

Re: mutual authentication

2005-05-15 Thread Tuan Anh Nguyen 
Hi,

Yes, I tried to access a tomcat hosted axis ws from php client. It
worked ok without authentication, but I need to configure it with
mutual authentication. I use tomcat 4.1 and configure ssl for tomcat
as following:

1. I started out using openssl to create my own CA root certificate
(this is a self-signed certificate used to sign other server and user
certificates).
2. I then created a server certificate for my tomcat server. This
consisted of creating a certificate request, and then signing that
request to form a signed certificate.
3. I then created a Java Keystore using keytool which will be used by tomcat.
4. Imported the root certificate (of my CA) into that keystore (under
myca alias).
5. Then imported the new server certificate (signed by my CA) into the
same keystore.
6. I then configured tomcat to use that keystore (set
keystoreFile=mykeystorefile, keystorePass=mypassword)

After that, I tried using firefox to connect to tomcat
(https://localhost:8443), but I got an
error message: Could not establish an encrypted connection because
your certificate was rejected by agatha. Error Code -12271. Of cause,
I created a certificate for firefox and import cacert.cer (my self
sign rootca certificate) as authority certificate and certificate for
firefox as browser's certificate.

What can I do?



On 5/15/05, Brian Abbott [EMAIL PROTECTED] wrote:
 Tuan Anh,
 
 Are you trying to access a tomcat hosted axis ws from
 a php client? It's not very clear what you're trying
 to do. But, assuming you want to interact with an AXIS
 WebService  running on Tomcat from a PHP Client, you
 will need to find a PHP SOAP Toolkit and configure
 that to connect to your service. There are three major
 SOAP implementations for PHP:
 
- PEAR::SOAP
- NuSOAP
- PHP-SOAP
 
 The first two have more features, but they're
 implemented entirely with PHP, so they're a little
 slower. PHP-SOAP, however, is written in C, so it's a
 bit faster. All are more then adequate for medium
 traffic sites however.
 
 hope that helps.
 
 Brian Abbott
 
 --- Nguyen Tuan Anh [EMAIL PROTECTED] wrote:
  Hi,
  Could anyone tell me how to establish mutual
  authentication between
  apache/php and tomcat with one axis webservice.
 
  Many thanks,
  Tuan Anh
 
 
 
 
 
 Discover Yahoo!
 Have fun online with music videos, cool games, IM and more. Check it out!
 http://discover.yahoo.com/online.html