No, because I want that the certificate was
required ONLY when I acces to some pages.
In fact, this is how now works, but sometimes
the method getAttribute(javax.servlet.request.X509Certificate)
returns null.
Finally, I store the certificate in the session, and get it
from there when I need it.
Ok,
you know, that you have to use ssl/tsl or some challenge-response
protocol to ensure that the owner of the certificate also owns the
corresponding private key? So the best way might be to use ssl with
client auth and an all trusting trustmanager which accepts every
certificate but checks
Hi, Andreas
I think that I did'nt explained correctly. What I would is to have
some pages that requires authentication, and others not (as in Apache
server, where is possible to set SSLVerifyClient at directory level).
Because the clientAuth attribute is at the Connector level, I do'nt
want to
Hi Luis,
sorry, at this point I can't help you. Never done sth. similar.
andreas
Luis Pascual Forner schrieb:
Hi, Andreas
I think that I did'nt explained correctly. What I would is to have
some pages that requires authentication, and others not (as in Apache
server, where is possible to set
Thanks, Bill,
I use the JIO connector.
That's my server.xml:
?xml version=1.0 encoding=UTF-8?
Server port=8006 shutdown=SHUTDOWN
Listener className=org.apache.catalina.core.AprLifecycleListener /
Listener
className=org.apache.catalina.mbeans.ServerLifecycleListener /
Listener
More information:
If I use Internet Explorer, in the log appears:
java.net.SocketException: Socket Closed
at java.net.PlainSocketImpl.setOption(PlainSocketImpl.java:201)
at java.net.Socket.setSoTimeout(Socket.java:997)
at
Hi,
you have to set clientAuth=true
andreas
Luis Pascual Forner schrieb:
Thanks, Bill,
I use the JIO connector.
That's my server.xml:
?xml version=1.0 encoding=UTF-8?
Server port=8006 shutdown=SHUTDOWN
Listener className=org.apache.catalina.core.AprLifecycleListener /
Listener
Hi,
I need autheticate ONLY with client certificate (i.e., I don't want
to check any user's database) . I did that follow:
1. I write a X509Realm, with a method authenticate that
only check the validity of each certificate in the
certification's chain (don't check if the user
Luis Pascual Forner [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Hi,
I need autheticate ONLY with client certificate (i.e., I don't want
to check any user's database) . I did that follow:
1. I write a X509Realm, with a method authenticate that
only check the validity