James Rome wrote:
Why don't my methods get called? The start() method gets called, but
nothing else.
Take a look at
http://jakarta.apache.org/tomcat/tomcat-5.5-doc/catalina/docs/api/org/apache/catalina/authenticator/package-summary.html
Mark
-
I have looked at the source code and it seems to me that presented
client certificates are only checked for their validity dates, and NOT
for whether they have been revoked. I am able to access my Tomcat site
with a revoked certificate.
It is easy to implement OCSP and/or CRL checking, so I implem
Hi,
Need to override the default certificate authentication to provide some own
validation. Need to embed some new extensions in the certificate and
validate them
Got the following information but having problems doing what is explained
1. Write new SSLImplementation subclassing
client auth for certain apps.
How do i go about it.??
Regards & Thanks
Mahesh S Kudva
-Original Message-
From: "Bill Barker" <[EMAIL PROTECTED]>
To: tomcat-user@jakarta.apache.org
Date: Fri, 1 Jul 2005 21:56:37 -0700
Subject: Re: Certificate Authentic
tribute that you
can use to do the same thing. If you need it, search the archives.
> Regards & Thanks
>
> Mahesh S Kudva
>
>
> -Original Message-
> From: Paul Singleton <[EMAIL PROTECTED]>
> To: Tomcat Users List
> Date: Fri, 01 Jul 2005 15:32
udva
-Original Message-
From: Paul Singleton <[EMAIL PROTECTED]>
To: Tomcat Users List
Date: Fri, 01 Jul 2005 15:32:12 +0100
Subject: Re: Certificate Authentication for individual apps
> Mahesh S Kudva wrote:
>
> > How can I have different certificate authentication for differ
Mahesh S Kudva wrote:
How can I have different certificate authentication for different applications and skip certificate
authentication for some applications hosted on the same server.
I believe that, at least under SSL, certificates authenticate
*servers* not applications, and that the
Hi All
How can I have different certificate authentication for different applications
and skip certificate
authentication for some applications hosted on the same server.
Regards & Thanks
Mahesh S Kudva
---
Robo
Hi,
the server needs only the CA certificate used for signing the client
certificate to verify client identity.
Marco
- Original Message -
From: "Aloi Gianfranco (SPES)" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, November 21, 2003 4:30 PM
Subje
Hi,
I have a problem with tomcat and SSL in modality of client authentication.
I have generated my keystore and,I have imported my certificate chain in
cacerts under JAVA_HOME/jre/lib/security,
but I haven't imported the user's certificate in the keystore on the
webserver.
In the server.xml file
Hi
I have a JNDIRealm with certificate authentication. When the user cancel the
authentication he see a error page: Cancelled Action.
How can I include my own error page when the user cancel the certificate
authentication??
Regards
Correct. Tomcat can't do client authentication. For this, you have to implement
a Realm (JDBCRealm, JNDIRealm, etc) and you realize the authentication.
See http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html
-
At 08:52 17/03/2003 +, you wrote:
Fri 07/03/2003 20:08
To: [EMAIL PROTECTED]
Cc:
Subject: Can Tomcat do client certificate authentication ?
Within our company we've decided to use client certificates for security.
I've spent all week trying to get this working on Tomcat. If the client and
server are on the same m
We can't use digest authentication, as we have to store our passwords
encrypted.
-Original Message-
From: Tarun Ramakrishna Elankath [mailto:[EMAIL PROTECTED]
Sent: Sat 08/03/2003 14:19
To: [EMAIL PROTECTED]
Cc:
Subject: RE: Can Tomcat do client certificate authentication ?
To: [EMAIL PROTECTED]
> Cc:
> Subject: Re: Can Tomcat do client certificate authentication ?
>
>
>
> The choice of going to SSL-CERT auth puts a huge burden on your IT staff.
> You've got to collect all of your client's certs, and manage them (including
>
&
27;t seem to be very interoperable.
Dave
-Original Message-
From: Bill Barker [mailto:[EMAIL PROTECTED]
Sent: Sat 08/03/2003 07:07
To: [EMAIL PROTECTED]
Cc:
Subject: Re: Can Tomcat do client certificate authentication ?
The choice of going to SSL-CERT auth puts a huge burden on yo
The choice of going to SSL-CERT auth puts a huge burden on your IT staff.
You've got to collect all of your client's certs, and manage them (including
renewals, revocations, et. al.). Except for small closed-groups, it is
almost always not worth the trouble.
Which headaches you want really depend
Within our company we've decided to use client certificates for security.
I've spent all week trying to get this working on Tomcat. If the client and
server are on the same machine it's easy. But how do I do it if the client
is on a different machine ? I can get SSL working on HTTPS no problem, but
> The thing I want to know is: how can you read properties from the client
> certificate (such as public key, common name, organisation etc) inside a
> servlet or JSP page?
To retrieve the certificate from the request, use the following call:
X509Certificate[] certArray = (X509Certific
2 AM
> To: [EMAIL PROTECTED]
> Subject: Certificate authentication in Tomcat 3.2
>
>
> Hi,
>
> What do I have to do to enable user certificate authentication in my
> application? I added:
>
>
>CLIENT-CERT
>
>
> to my web.xml but it still doesn
Hi,
What do I have to do to enable user certificate authentication in my
application? I added:
CLIENT-CERT
to my web.xml but it still doesn't ask me for the cert. The same is
when I try to user BASIC or any other method.
--
Best regards,
Maciej
--
To unsubscribe: <mailt
19:32
To: [EMAIL PROTECTED]
Subject: Client Certificate Authentication
Anyone know how to configure your web.xml to accept
Client-Certificates.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additiona
Anyone know how to configure your web.xml to accept Client-Certificates.
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
23 matches
Mail list logo
