I've been trying to make the /admin webapp supplied with Tomcat use my
client cert.
I've imported my certificate into the Tomcat server host's .keystore using
keytool and specifying -trustcacerts.
I'm not sure what to put in the web.xml and whether or not I have to put an
entry into tomcat-users.xml (I haven't been able to find a tomcat-users.dtd).
At present I've got the following in the webapps/admin/web-inf/web.xml:
  <security-constraint>
    ...
    <auth-constraint>
      <role-name>admin</role-name>
    </auth-constraint>
  </security-constraint>
  <login-config>
    <auth-method>CLIENT-CERT</auth-method>
  </login-config>
..
and I've added <user name="mycert_alias" password="cert_store_pwd"
roles="admin" /> to tomcat-users.xml.
When a browser requests the contextAdmin.jsp, Tomcat returns Error: 401
Location: /admin/contextAdmin/contextAdmin.jsp null
Any help or enlightenment much appreciated.
Thanks
Ron