Graham, On Fri, Mar 13, 2015 at 3:02 PM, Graham Leggett <minf...@sharp.fm> wrote:
> Hi all, > > I have a working realm installation using basic authentication, which I > need to switch to client certificate authentication. Having done so it > doesn’t work, I just get “forbidden”, with no indication of the error > involved. > Just to confirm, the 403 Forbidden page was rendered by Tomcat, not Apache HTTPD? I don't expect it is an Apache issue here - because you mentioned your application worked before - I assume with the same URL, and no updates to Apache HTTPD configuration. Next thing I would probably increase the verbosity of the Realm logging, by updating your conf/logging.properties, e.g. org.apache.catalina.realm.level = ALL org.apache.catalina.realm.useParentHandlers = true org.apache.catalina.authenticator.level = ALL org.apache.catalina.authenticator.useParentHandlers = true You might want to disable buffering as well, e.g. 1catalina.org.apache.juli.FileHandler.bufferSize = -1 Hope that helps! Cheers! Neven
