Read again: "At the moment, only MemoryRealm supports CLIENT-CERT auth". What part of this don't you understand?
"Miguel A Paraz" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hi, > From: > http://www.mail-archive.com/[EMAIL PROTECTED]/msg109699.html > > On Tue, 11 Nov 2003, Bill Barker wrote: > > > At the moment, only MemoryRealm supports CLIENT-CERT auth (at least from the > > Tomcat ships-with Realms). There are patches for JNDIRealm and JDBCRealm > > floating around in Bugzilla, that should be fine if you are using Sun's JVM. > > (The Sun dependencies are basically why they are still floating :). > > > > Once you have enabled MemoryRealm (and, for versions < 4.1.29, disable the > > default DataSource), then the 'username' in tomcat-users.xml is the cert's > > DN (aka Subject). The password can be anything you want (it is ignored for > > CLIENT-CERT auth). > > I tried this like: > <user username="/C=PH/ST=NCR/L=Pasig/O=mparaz.com/OU=personal/CN=Miguel A Paraz/[EMAIL PROTECTED]" password="ignored" roles="role1"/> > > But UserRealm doesn't like it. I tried URL-escaping the '=' to '%3D' but it > was ignored. Does anyone have a working sample? Thanks! > > SEVERE: Exception creating UserDatabase MBeans for UserDatabase > javax.management.MalformedObjectNameException: Invalid character '=' in value pa > rt of property > at javax.management.ObjectName.construct(ObjectName.java:563) > at javax.management.ObjectName.<init>(ObjectName.java:1300) > at org.apache.catalina.mbeans.MBeanUtils.createObjectName(MBeanUtils.jav > a:1520) > at org.apache.catalina.mbeans.MBeanUtils.createMBean(MBeanUtils.java:783 > ) > at org.apache.catalina.mbeans.GlobalResourcesLifecycleListener.createMBe > ans(GlobalResourcesLifecycleListener.java:280) > at org.apache.catalina.mbeans.GlobalResourcesLifecycleListener.createMBe > ans(GlobalResourcesLifecycleListener.java:210) > at org.apache.catalina.mbeans.GlobalResourcesLifecycleListener.createMBe > ans(GlobalResourcesLifecycleListener.java:172) > at org.apache.catalina.mbeans.GlobalResourcesLifecycleListener.lifecycle > Event(GlobalResourcesLifecycleListener.java:144) > at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(Lifecycl > eSupport.java:166) > at org.apache.catalina.core.StandardServer.start(StandardServer.java:233 > 6) > at org.apache.catalina.startup.Catalina.start(Catalina.java:581) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl. > java:39) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces > sorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:324) > at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:297) > at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:398) --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]