axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sanjesh Pathak" <sanj...@soapknox.com>
Subject RE: SSL, Mutual or Client Authentication
Date Thu, 19 Oct 2006 16:31:07 GMT
Add this to web.xml of Axis2:
 
  <security-constraint>
     <web-resource-collection>
        <web-resource-name>Protected Context</web-resource-name>
          <url-pattern>/*</url-pattern>
      </web-resource-collection>
      <user-data-constraint>
         <transport-guarantee>CONFIDENTIAL</transport-guarantee>
      </user-data-constraint>
   </security-constraint>
 
Sanjesh
Real-Time Web Service Monitoring for Axis, Axis2 and Synapse
SoapKnox Inc
http://www.soapknox.com
Ph: 832 279 3745
 
  _____  

From: VELUMMYLUM Piragash [mailto:Piragash.Velummylum@alcatel.com] 
Sent: Thursday, October 19, 2006 11:13 AM
To: axis-user@ws.apache.org
Subject: RE: SSL, Mutual or Client Authentication
 
I do need port 8080(non-SSL) open with Tomcat for other webapps that I am
running.  However I would like it to only use port 8443(SSL) to communicate
with Axis2.
 
  _____  

From: Jesús Daniel Blázquez Carazo [mailto:jdblazquez@gfi-info.com] 
Sent: Thursday, October 19, 2006 12:02 PM
To: axis-user@ws.apache.org
Subject: Re: SSL, Mutual or Client Authentication
If you want mutual authentication between client and server you need first a
certificate for the client and the server. To get them you can try use
openssl.
 
Second you need configure SSL with Tomcat in the way you have explained and
delete or comment from the server.xml the <connector port="8080">
 
In this way Tomcat will be listening in the secure port 8443.
----- Original Message ----- 
From: VELUMMYLUM Piragash <mailto:Piragash.Velummylum@alcatel.com>  
To: axis-user@ws.apache.org 
Sent: Thursday, October 19, 2006 5:28 PM
Subject: SSL, Mutual or Client Authentication
 
Hi All,
 
I am very new to Axis, I just installed it yesterday.
 
I am trying to use Axis over an HTTPS connection.  I want to be able to use
SSL with mutual authentication before Axis2 even receives the request.  I am
running Axis2 on Tomcat.  I was wondering if I should let Tomcat handle the
SSL part or if Axis2 has its own features?  Can Tomcat do mutual
authentication, i.e. authenticating the client?  If not can Axis2 do mutual
authentication for SSL?
 
Here are 2 routes I have considered and my questions regarding both
possibilities:
 
1. Configuring SSL with Tomcat:
    - I have discovered that I can define a connector with Tomcat under the
$CATALINA_HOME/conf/server.xml
    <!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
    <Connector port="8443" maxHttpHeaderSize="8192"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" />
    - How do I specify Tomcat to use only use the secure connector and not
the non-SSL connector when talking to Axis2?
 
2. Configuring Axis2 to handle SSL connections:
    - Can Axis2 do this?  If so can it deal with mutual authentication?
 
Thank you in advance,
 
Piragash
 

Mime
View raw message