Hi, I need autheticate ONLY with client certificate (i.e., I don't want to check any user's database) . I did that follow:
1. I write a "X509Realm", with a method "authenticate" that only check the validity of each certificate in the certification's chain (don't check if the user exists in any database). 2. Declare this new class in "org/apache/catalina/realm/mbeans-descriptors.xml" and "rg/apache/catalina/mbeans/mbeans-descriptors.xml". 3. Edit "server.xml" and configure the realm. 4. Edit "web.xml" to set the auth-method to "CLIENT-CERT" 5. Put "X509Realm.class" and "mbeans-descriptors.xml" in "server/classes", with the correct path. 6. Restart Tomcat. Now, I can authenticate with X509 certificate, and get the client certificate with getAttribute("javax.servlet.request.X509Certificate"). But, sometimes, this method returns null. Why? regards --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]