On 2014-12-02 08:09, Andrew Gronosky wrote:
As I discovered yesterday, if you have a client cert that is signed by
a CA that Tomcat trusts, but whose name (synonymously, CN) does not
map to a recognized user, then you will connect to Tomcat but get an
HTTP 401 error as your response. If
CA that Tomcat trusts, but whose name (synonymously, CN) does not map to
a recognized user, then you will connect to Tomcat but get an HTTP 401
error as your response. If the user name is recognized but lacks the
required role, you get HTTP 403.
Hope this helps,
--
Andrew Gronosky
Raytheon BBN
Chris!
-Andrew Gronosky
On 2014-12-01 15:14, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Andrew,
On 12/1/14 2:33 PM, Andrew Gronosky wrote:
Hello,
I am trying to set up client-certificate authentication for Tomcat
7.0.57. I have read the basics in the doc
=Cambridge, ST=MA, C=US
The CA (marti-ca) is one I made up myself and it's installed in the
browser as trusted.
--
Andrew Gronosky
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e
ymptom I am seeing is that a browser with the testClient_2
certificate installed can connect to the web app and access index.html,
but gets an HTTP 401 error trying to access admin.html.
Does anyone have suggestions what I might be overl