tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Todd <ch...@christophertodd.com>
Subject SSL client auth support in TC 3.x and 4.x
Date Sun, 08 Sep 2002 23:52:18 GMT
Is SSL client auth supported in versions of Tomcat prior to 4.x?  In looking
over the source code, I can see that in TC 4.1.10,
Realm.authenticate(X509Certificate[] certs) authenticates a user based on
the certiticate chain that is presented.  But in looking through the source
for TC 3.3.1, I cannot find any calls to
java(x).security.cert.X509Certitificate.validate() or verify().

Nonetheless, I can see classes like JSSESuport and PureTLSSupport that
obtain the chain of certificates via
javax.net.ssl.SSLSession.getPeerCertificateChain(), but for the life of me,
I cannot find any classes that are actually using the array of certs that is
returned.  I have looked at the Realm class and it's subclasses, and I have
seen some things in the Http10Interceptor related to setting up the SSL
socket, but it doesn't look to me like TC 3.3.1 supports client auth.

Did I just miss it?  If SSL client auth is supported in TC 3.x, could
someone please point me to the class and method responsible for verifying
and validating a clients identity using the certificate chain?

Thanks in advance,
Chris


--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message