tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefán F. Stefánsson <>
Subject RE: SSL client authentication with Tomcat
Date Mon, 06 Nov 2000 21:03:34 GMT
Sorry to butt in but you know that this IS supported if you're using the
internal tomcat 3.2b6 webserver...

You can access the client certificate if the connection comes through
the HTTP server of Tomcat.  Then you can use the
request.getAttribute("javax.servlet.blablabla") just as described in the
servlet docs (of course you only get access to the X509 information...
not the private key itself).

Of course you may not have the ability to run Tomcat as your HTTP server
but I hope this helps you a little (maybe you can continue developing on
Tomcat standalone while waiting for the support in Tomcat + Apache).

Kind regards, Stefan Freyr.

-----Original Message-----
From: Antonio Sanchez []
Sent: 6. nóvember 2000 18:29
Subject: Re: SSL client authentication with Tomcat

when you say this feature is not supported in Tomcat 3.x, do you also
that it is not available either for Apache+Tomcat 3.1?
Thanks in advance

This feature is not supported in Tomcat 3.x presently, although it is
available in Tomcat 4.0 (pre-alpha nightly builds currently available).

Craig McClanahan
> Hi to all!
> Does anybody know whether there is the possibility to access the SSL
> client certificate variables from a servlet running in Tomcat?.
> Thanks to all of you!

View raw message