tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Tomcat Wiki] Update of "SSLWithFORMFallback" by RichardUnger
Date Sun, 04 Nov 2007 19:26:13 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Tomcat Wiki" for change notification.

The following page has been changed by RichardUnger:
http://wiki.apache.org/tomcat/SSLWithFORMFallback

------------------------------------------------------------------------------
  This page describes a Tomcat setup for SSL Client Authentication with fallback to FORM authentication.
  This is ''not'' for using FORM based authentication over a simple SSL channel - you do not
need SSL client authentication for that.
  
- Note: Tested with Tomcat 5.5.17 and 5.5.20
+ Note: Tested with Tomcat 5.5.17, 5.5.20 and 5.5.25
  
  SSL Client Authentication (sometimes also known as "Client Certificate" authentication)
uses the SSL protocol to authenticate clients based on a X509 Certificate. Normally this is
accomlished by configuring SSL in Tomcat, and then configuring the Web Application's security
descriptor to use "CLIENT-CERT" as the auth-method in the login-config section.
  
@@ -132, +132 @@

  
  === How does it work? ===
  
- The code is tested with Tomcat 5.5.17 and 5.5.20. It will probably work with only minor
modifications for other Tomcat 5.5 versions. It has been tested using Java 1.5.
+ The code is tested with Tomcat 5.5.17, 5.5.20 and 5.5.25. It will probably work with only
minor modifications for other Tomcat 5.5 versions. It has been tested using Java 1.5.
  
  In short, this code works because:
   * Tomcat uses the auth-config element of the deployment descriptor to create an Authentication
Valve

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message