Hi,
I'm using Tomcat with SSL and authentication with
client certificates.
When I take the certificate with request.getAttribute(
javax.servlet.request.X509Certificate), I have
the correct certificate, but if I take it after a few
minutes, I have null (probably, the SSL session
is expired).
Thanks, Steve
With
response.setHeader(Cache-Control, cache);
response.setHeader(Pragma, cache);
runs OK in IE
regards,
Luis
Steve Ochani escribió:
Date sent: Thu, 05 Jun 2008 10:36:32 +0200
From: Luis Pascual Forner [EMAIL PROTECTED]
Subject
it.
thanks,
Luis
ahuelsing escribió:
Hi,
you have to set clientAuth=true
andreas
Luis Pascual Forner schrieb:
Thanks, Bill,
I use the JIO connector.
That's my server.xml:
?xml version=1.0 encoding=UTF-8?
Server port=8006 shutdown=SHUTDOWN
Listener className
Luis Pascual Forner schrieb:
No, because I want that the certificate was
required ONLY when I acces to some pages.
In fact, this is how now works, but sometimes
the method getAttribute(javax.servlet.request.X509Certificate)
returns null.
Finally, I store the certificate in the session, and get
=true /
Context docBase=x509 path=/x509 reloadable=true
allowLinking=true /
/Host
/Engine
/Service
/Server
Bill Barker escribió:
Luis Pascual Forner [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Hi,
I need autheticate ONLY with client certificate (i.e., I
)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
at java.lang.Thread.run(Thread.java:619)
But not if I use Firefox with Linux.
Luis Pascual Forner escribió:
Thanks, Bill,
I use the JIO connector.
That's my server.xml:
?xml version=1.0 encoding=UTF-8?
Server port=8006 shutdown
Hello,
The JSP script that follows produces an error
when accessing with Internet Explorer:
%@ page contentType=application/pdf %
%@ page import=java.io.File %
%@ page import=java.io.FileInputStream %
%@ page import=java.io.InputStreamReader %
%
InputStreamReader in = new
Hi,
I need autheticate ONLY with client certificate (i.e., I don't want
to check any user's database) . I did that follow:
1. I write a X509Realm, with a method authenticate that
only check the validity of each certificate in the
certification's chain (don't check if the user
Hello,
I'm trying to use CLIENT-CERT authentication with Tomcat. When I get
the attribute javax.servlet.request.X509Certificate the first time,
it returns the certificate. So far, so good. But if I access the same
JSP after that, or another JSP that get the same attribute, it returns
null.