DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21115>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21115 JDBCRealm does not work with HTTPS client certificate authentication Summary: JDBCRealm does not work with HTTPS client certificate authentication Product: Tomcat 4 Version: 4.1.24 Platform: All OS/Version: All Status: NEW Severity: Major Priority: Other Component: Catalina AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] Description: In org.apache.catalina.realm.JDBCRealm, the method "protected Principal getPrincipal(String username)", implementing an abstract method inherited from org.apache.catalina.realm.RealmBase is not properly implemented : it simply returns null. The consequence is that if any client with a valid HTTPS certificate tries to connect to a webapp with CLIENT-CERT authorization login, he will not be identified by the system and get a HTTP402 error (something telling that his credentials are not sufficient...). A Solution: In order to make it work, I simply implemented that method as follows: protected Principal getPrincipal(String username) { Principal result = authenticate(username, "tomcat"); return result; } In the DB, for each client you have to put the full DN of the client certificate into the 'login' column, and 'tomcat' as password. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]