Yes, I understand what you said about CLIENT-CERT, and I added a new entry in my tomcat-users.xml file:
<tomcat-users>
  <user name="tomcat" password="tomcat" roles="tomcat" />
  <user name="role1"  password="tomcat" roles="role1"  />
  <user name="both"   password="tomcat" roles="tomcat,role1" />
  <user name="OID.0.9.2342.19200300.100.1.1=mvittel, CN=michel vittel, O=frec.bull.fr" password="tomcat" roles="tomcat,role1" />
</tomcat-users>

The function getSubjectDN().getName() returns the value OID.0.9.2342.19200300.100.1.1=mvittel, CN=michel vittel, O=frec.bull.fr for the
first certificate chain, so I consider this value to be the new user name.
I still have auth-method set to the CLIENT-CERT value, and when I try to connect to my Tomcat server I get the same message:

"You are not authorized to view this page"

My local_host_access.log file gives me this information:
camilleri - OID.0.9.2342.19200300.100.1.1=mvittel, CN=michel vittel, O=frec.bull.fr [21/Dec/2000:11:07:50 1000] "GET /examples/servlet/SnoopServlet HTTP/1.1" 200 4017
camilleri - OID.0.9.2342.19200300.100.1.1=mvittel, CN=michel vittel, O=frec.bull.fr [21/Dec/2000:11:08:32 1000] "GET /examples/servlet/SnoopServlet HTTP/1.1" 403 -

So I tried removing the password attribute in the tomcat-users file, because when I use a certificate I don't understand what I would say... but
with no success...

So thank you if you have another good idea.

Best Regards

Jérôme
