Hi,
 
We’re using Tomcat 5.5 as our Web server and intend to implement SSO for our 
application. As a part of the requirement, we need to set the REMOTE_USER 
environment variable with the Subject DN retrieved from the client certificate. 
(We’ve edited conf\server.xml so that Tomcat listens for HTTPS requests on port 
8443 and the client certificate is validated against the one stored in the 
Tomcat truststoreFile.) The corresponding part of the server.xml is:
 
    <Connector port="8443"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" debug="0" scheme="https" secure="true"
               clientAuth="true" sslProtocol="SSL"
               keystoreFile="C:/cert/tomcat.keystore" keystorePass="password"
               truststoreFile="C:/cert/tomcat.keystore"
               truststorePass="password"/>
 
    <!-- Define an AJP 1.3 Connector on port 8009 -->
    <Connector port="8009" 
               enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
 
We need to set this environment variable from the web server only (Tomcat 5.5 
in this case) and not from our application. The value of this environment 
variable (REMOTE_USER), i.e. the Subject DN of the client certificate, will be 
read by the application. 
 
We’re unable to configure Tomcat to set up the REMOTE_USER environment variable 
with the Subject DN of the client certificate.
Any input/help/suggestion would be highly appreciated. 
 

Thanks and Regards,
Sameek Bhaumik
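
One server-side way to meet the requirement described above is sketched below as an added example; it is not part of the original post and not Tomcat's own code. It is a container Valve that copies the Subject DN of the already validated client certificate into the request principal, so that getRemoteUser() returns it. The package and class name (example.CertSubjectValve) and the placement of the Valve in server.xml are assumptions.

```java
package example; // hypothetical package name, not from the original post

import java.io.IOException;
import java.security.Principal;
import java.security.cert.X509Certificate;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import org.apache.catalina.connector.Request;
import org.apache.catalina.connector.Response;
import org.apache.catalina.valves.ValveBase;

/**
 * Sets the request principal to the Subject DN of the client certificate.
 *
 * Assumed registration in conf/server.xml, inside the Host (or Engine) element:
 *   <Valve className="example.CertSubjectValve"/>
 * The compiled class must be on Tomcat's server class path, not in the webapp.
 *
 * The valve performs no validation itself. It relies on the HTTPS connector
 * being configured with clientAuth="true", so the TLS handshake has already
 * checked the certificate chain against the truststore.
 */
public class CertSubjectValve extends ValveBase {

    // Standard servlet attribute holding the client certificate chain.
    private static final String CERT_ATTR =
            "javax.servlet.request.X509Certificate";

    public void invoke(Request request, Response response)
            throws IOException, ServletException {
        Object attr = request.getAttribute(CERT_ATTR);
        if (attr instanceof X509Certificate[]) {
            X509Certificate[] chain = (X509Certificate[]) attr;
            // chain[0] is the client's own certificate; do not overwrite a
            // principal that an earlier authenticator has already set.
            if (chain.length > 0 && request.getUserPrincipal() == null) {
                // X500Principal.getName() yields the DN in RFC 2253 form.
                Principal subject = chain[0].getSubjectX500Principal();
                request.setUserPrincipal(subject);
                request.setAuthType(HttpServletRequest.CLIENT_CERT_AUTH);
            }
        }
        // Requests without a certificate pass through with no principal,
        // so getRemoteUser() stays null for them.
        getNext().invoke(request, response);
    }
}
```

Because the Valve runs for every connector of the enclosing container, requests arriving over the AJP connector on port 8009 get a principal only if the front-end server forwards a client certificate; the application should treat a null getRemoteUser() as unauthenticated.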
 

