On Wed, 17 Jul 2002, Tathagat (London) wrote:
> Date: Wed, 17 Jul 2002 16:03:30 +0100
> From: "Tathagat (London)" <[EMAIL PROTECTED]>
> Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> To: 'Tomcat Users List' <[EMAIL PROTECTED]>
> Subject: RE: client authorization.
>
> They only describe how to get a certificate on server side. I mean server
> can show a certificate to client, but it does not say how do the client
> sends a certificate to the server.
>
You need to import a *client* certificate into your browser (following the
procedures for your browser -- it has nothing to do with Tomcat).
Then, when the server is set up to challenge for client certificates
(which it will if you use CLIENT-CERT as the authentication mechanism, or
you've set the "clientAuth" attribute on the HTTPS connector), the browser
will pop up a dialog asking you which of your client certificates you want
to send in response.
> I think we need to find this thing out.,
>
Craig
> -----Original Message-----
> From: Craig R. McClanahan [mailto:[EMAIL PROTECTED]]
> Sent: Wednesday, July 17, 2002 16:59
> To: Tomcat Users List
> Subject: Re: client authorization.
>
>
>
>
> On Wed, 17 Jul 2002, Anthony Geoghegan wrote:
>
> > Date: Wed, 17 Jul 2002 11:18:33 +0100
> > From: Anthony Geoghegan <[EMAIL PROTECTED]>
> > Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> > To: Tomcat Users List <[EMAIL PROTECTED]>
> > Subject: client authorization.
> >
> > Is it possible to use client certificate authorization without a password
> > and its associated dialog?
> >
>
> Tomcat 4.x can do this. See the docs for the version of Tomcat you are
> using:
>
> http://jakarta.apache.org/tomcat/tomcat-4.0-doc/ssl-howto.html
> http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ssl-howto.html
>
> > Best Regards,
> > Anthony Geoghegan.
> > J2EE Developer
> > CPS Ireland Ltd.
>
> Craig
>
>
> >
> >
> > --
> > To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> > For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
> >
> >
>
>
> --
> To unsubscribe, e-mail:
> <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail:
> <mailto:[EMAIL PROTECTED]>
>
>
> ----------------------------------------------------------------------
> If you have received this e-mail in error or wish to read our e-mail
> disclaimer statement and monitoring policy, please refer to
> http://www.drkw.com/disc/email/ or contact the sender.
> ----------------------------------------------------------------------
>
>
> --
> To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
>
>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
