axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sanjesh Pathak" <>
Subject RE: SSL, Mutual or Client Authentication
Date Thu, 19 Oct 2006 16:31:07 GMT
Add this to web.xml of Axis2:
        <web-resource-name>Protected Context</web-resource-name>
Real-Time Web Service Monitoring for Axis, Axis2 and Synapse
SoapKnox Inc
Ph: 832 279 3745

From: VELUMMYLUM Piragash [] 
Sent: Thursday, October 19, 2006 11:13 AM
Subject: RE: SSL, Mutual or Client Authentication
I do need port 8080(non-SSL) open with Tomcat for other webapps that I am
running.  However I would like it to only use port 8443(SSL) to communicate
with Axis2.

From: Jesús Daniel Blázquez Carazo [] 
Sent: Thursday, October 19, 2006 12:02 PM
Subject: Re: SSL, Mutual or Client Authentication
If you want mutual authentication between client and server you need first a
certificate for the client and the server. To get them you can try use
Second you need configure SSL with Tomcat in the way you have explained and
delete or comment from the server.xml the <connector port="8080">
In this way Tomcat will be listening in the secure port 8443.
----- Original Message ----- 
From: VELUMMYLUM Piragash <>  
Sent: Thursday, October 19, 2006 5:28 PM
Subject: SSL, Mutual or Client Authentication
Hi All,
I am very new to Axis, I just installed it yesterday.
I am trying to use Axis over an HTTPS connection.  I want to be able to use
SSL with mutual authentication before Axis2 even receives the request.  I am
running Axis2 on Tomcat.  I was wondering if I should let Tomcat handle the
SSL part or if Axis2 has its own features?  Can Tomcat do mutual
authentication, i.e. authenticating the client?  If not can Axis2 do mutual
authentication for SSL?
Here are 2 routes I have considered and my questions regarding both
1. Configuring SSL with Tomcat:
    - I have discovered that I can define a connector with Tomcat under the
    <!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
    <Connector port="8443" maxHttpHeaderSize="8192"
               maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" />
    - How do I specify Tomcat to use only use the secure connector and not
the non-SSL connector when talking to Axis2?
2. Configuring Axis2 to handle SSL connections:
    - Can Axis2 do this?  If so can it deal with mutual authentication?
Thank you in advance,

View raw message