Hello, You are receiving this message in follow-up to a report received by the EarthLink Abuse Department. You may have submitted this report to a number of addresses including but not limited to [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], [EMAIL PROTECTED], or [EMAIL PROTECTED]
Most reports of network abuse sent to this department fall into a few recognizable categories (spam, cracking, viruses, etc.). To increase efficiency, our filters scan incoming reports and attempt to determine the general type of issue being reported. We were not able to process your report because it does not appear to include the information needed for EarthLink Abuse to begin it's investigation. Evidence to Abuse should always include the IP address of the offending party and a valid timestamp, which includes time, date and timezone. To learn how to report spam so action is taken: http://spam.abuse.net/userhelp/howtocomplain.shtml To learn how to locate and interpret e-mail headers in your e-mail client: http://support.earthlink.net/support/TUTORIALS/email/mbx_interpret_headers.jsp Other useful lookup tools: http://samspade.org/ Once you have included the pertinent information needed, please resubmit your report, and include this autoresponse. Your report will then be reprocessed by our filters. However, you should expect to receive another auto-response after your resubmission is re-examined, but due to the large number of reports we receive, please understand that you may not receive a personal response. Our policies can be found at the following page: http://earthlink.net/about/policies/ Thanks, The EarthLink Abuse Staff >DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG >RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT ><http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21115>. >ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND >INSERTED IN THE BUG DATABASE. >http://nagoya.apache.org/bugzilla/show_bug.cgi?id=21115 >JDBCRealm does not work with HTTPS client certificate authentication > Summary: JDBCRealm does not work with HTTPS client certificate > authentication > Product: Tomcat 4 > Version: 4.1.24 > Platform: All > OS/Version: All > Status: NEW > Severity: Major > Priority: Other > Component: Catalina > AssignedTo: [EMAIL PROTECTED] > ReportedBy: [EMAIL PROTECTED] >Description: >In org.apache.catalina.realm.JDBCRealm, the method "protected Principal >getPrincipal(String username)", implementing an abstract method inherited from >org.apache.catalina.realm.RealmBase is not properly implemented : it simply >returns null. The consequence is that if any client with a valid HTTPS >certificate tries to connect to a webapp with CLIENT-CERT authorization login, >he will not be identified by the system and get a HTTP402 error (something >telling that his credentials are not sufficient...). >A Solution: >In order to make it work, I simply implemented that method as follows: >protected Principal getPrincipal(String username) { > Principal result = authenticate(username, "tomcat"); > return result; >} >In the DB, for each client you have to put the full DN of the client >certificate into the 'login' column, and 'tomcat' as password. >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
