Hi all.
Currently, I have a secure web application with Apache + mod_ssl and it
does work fine. I would like change to Tomcat with security constraints for
directories (with client authentication). For this, I would like to protect
a resource with a MemoryRealm. I'm following these steps:
1. Open <tomcat>/conf/server.xml and uncomment the following line:
<Realm className="org.apache.catalina.realm.MemoryReal"/>
2. Open <tomcat>/webapps/demo/WEB-INF/web.xml to add the following security
constraint:
<security-constraint>
<web-resource-collection>
<web-resource-name>OnJava</web-resource-name>
<url-pattern>/dirDemo/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>tomcat</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>CLIENT-CERT</auth-method>
<realm-name>OnJava</realm-name>
</login-config>
3. In <tomcat>/conf/tomcat-users-xml I have the following user:
<user username="CN=anon, OU=OU test, O=O test, C=ES" password=""
roles="tomcat"/>
The username is the same that the certificate's distinguished name.
Stop and restart the Tomcat server. When I open the URL:
https://localhost:8443 I obtain the error: HTTP Status 403 - Cannot
authenticate with the provided credentials
Can somebody help me in my error??
Thanks for advance and regards.
------
Tomcat: version 4.1.18 with SSL
SO: Red Hat 7.3
----------
Manuel Gil Pérez - Proyecto m-PISCIS
DIIC - Dpto. Ingeniería de la Información y las Comunicaciones
Facultad de Informática - Universidad de Murcia (Spain)
Tfo: +34 968228258
ANTS Research Group - http://ants.dif.um.es
