[EMAIL PROTECTED] wrote:
>
> Scenario
>
> I have apache passing any calls to servlets through to Tomcat 4 via
> the mod_webapp connector.
> My Server certificate and my client certificates work fine to allow
> specific users onto the system.
>
> Problem....Problem....Problem....Problem....Problem....
>
> In Tomcat 3.2.3 it was possible using AJP13 to access Client
> Certificate information via
> request.getAttribute("javax.servlet.request.X509Certificate") from
> within my tomcat servlet. In Release 4.0 using the warp connector this
> doesn`t appear to be the case. When i debug/view my request object for
> it`s attributes there are none present. No CIPHER_SUITE or
> X509Certificate.
Try with mod_jk of jakarta-tomcat-connectors (SSL is not yet supported in
mod_webapp).
>
> Please can someone tell me how i should be accessing client
> certificate information from within Tomcat 4.0 via apache.
>
> My System
>
> Apache-ssl 1.3
> Tomcat 4.0
> mod_webapp.so
> Linux Redhat 7.1
>
> Here is an extract of my httpd.conf
>
> <VirtualHost www.xxxxxxxxxx.co.uk:443>
> SSLEnable
> SSLCertificateFile /usr/local/ssl/www.xxxxxxx.crt
> SSLCertificateKeyFile /usr/local/ssl/www.xxxxxxx.key
> SSLCACertificateFile /usr/local/ssl/xxxxxxx.pem
> SSLVerifyClient 2
> SSLVerifyDepth 10
> SSLFakeBasicAuth
> SSLExportClientCertificates
> SSLCacheServerPort /usr/logs/gcache_port
> SSLCacheServerPath ./bin/gcache
> SSLSessionCacheTimeout 30
> SSLRequiredCiphers RC4-MD5
> SSLCacheServerPath ./bin/gcache
> SSLCacheServerPort logs/gcache_port
> SSLCacheServerRunDir /tmp
> Serveradmin xxxxxx@xxxxxx
> ServerName xxxxxxx
> WebAppConnection warpConnection warp localhost:8008
> WebAppDeploy testcert warpConnection /testcert/
> </VirtualHost>
>
> and my server.xml to receive the warp connector
>
> <!-- Define an Apache-Connector Service -->
> <Service name="Tomcat-Apache">
>
> <Connector className="org.apache.catalina.connector.warp.WarpConnector"
> port="8008" minProcessors="5" maxProcessors="75"
> enableLookups="true" scheme="https" secure="true">
> acceptCount="10" debug="0"/>
> </Connector>
>
> <!--
> <Factory className="org.apache.catalina.net.SSLServerSocketFactory"
> clientAuth="false" protocol="TLS"/>
> -->
>
> <!-- Replace "localhost" with what your Apache "ServerName" is set
> to -->
> <Engine className="org.apache.catalina.connector.warp.WarpEngine"
> name="Apache" defaultHost="localhost" debug="0"
> appBase="webapps">
> .........
>
> Any help or advise greatly appreciated
>
> Lee Lovell