tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bob Herrmann <...@jadn.com>
Subject Re: cvs commit: jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net JSSESocketFactory.java
Date Thu, 19 Sep 2002 17:49:51 GMT
Humm...  When I set SSL connector with  clientAuth="true", Tomcat 5
gives me this,

    Handshake failed javax.net.ssl.SSLHandshakeException:
javax.net.ssl.SSLProtocolException: handshake alert:  no_certificate



On Thu, 2002-09-19 at 01:09, billbarker@apache.org wrote:
> billbarker    2002/09/18 22:09:28
> 
>   Modified:    util/java/org/apache/tomcat/util/net JSSESocketFactory.java
>   Log:
>   Fix problem with JSSE not honoring "clientauth".
>   
>   Now there should be now reason for anyone to believe that CertificatesValve should
be used ever with the CoyoteConnector. :-)
>   
>   Revision  Changes    Path
>   1.3       +16 -2     jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/JSSESocketFactory.java
>   
>   Index: JSSESocketFactory.java
>   ===================================================================
>   RCS file: /home/cvs/jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/JSSESocketFactory.java,v
>   retrieving revision 1.2
>   retrieving revision 1.3
>   diff -u -r1.2 -r1.3
>   --- JSSESocketFactory.java	18 Sep 2002 15:10:04 -0000	1.2
>   +++ JSSESocketFactory.java	19 Sep 2002 05:09:28 -0000	1.3
>   @@ -161,7 +161,18 @@
>    
>    	    //determine whether we want client authentication
>    	    // the presence of the attribute enables client auth
>   -	    clientAuth = null != (String)attributes.get("clientauth");
>   +	    String clientAuthStr=(String)attributes.get("clientauth");
>   +	    if(clientAuthStr != null){
>   +		if(clientAuthStr.equals("true")){
>   +		    clientAuth=true;
>   +		} else if(clientAuthStr.equals("false")) {
>   +		    clientAuth=false;
>   +		} else {
>   +		    throw new IOException("Invalid value '" +
>   +					  clientAuthStr + 
>   +					  "' for 'clientauth' parameter:");
>   +		}
>   +	    }
>    
>    	    String keyPass=(String)attributes.get("keypass");
>    	    if( keyPass==null) keyPass=defaultKeyPass;
>   @@ -224,11 +235,14 @@
>        public Socket acceptSocket(ServerSocket socket)
>    	throws IOException
>        {
>   +	SSLSocket asock = null;
>    	try {
>   -	    return socket.accept();
>   +	     asock = (SSLSocket)socket.accept();
>   +	     asock.setNeedClientAuth(clientAuth);
>    	} catch (SSLException e){
>    	  throw new SocketException("SSL handshake error" + e.toString());
>    	}
>   +	return asock;
>        }
>         
>        /** Set server socket properties ( accepted cipher suites, etc)
>   
>   
>   
> 
> --
> To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>



--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message