tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jason Novotny <JDNovo...@lbl.gov>
Subject accessing server credentials from Tomcat
Date Mon, 22 Jan 2001 22:15:50 GMT

Hello,

    I have a Java bean that uses SSL to perform mutual authentication to
another resource. I'd like for the Java bean (and Tomcat) to be able to
use the certificate that I have installed for Apache. However, it looks
like the credential has root read-access file permissions. Somehow,
before Apache does a setuid to "nobody", it must read in the
credentials. However, since the Tomcat process runs as user "nobody", it
doesn't look like Tomcat or my beans can access the web server
certificate/key.
    The 2 workarounds I can think of involve running Tomcat as root
(probably a bad idea) or using another set of credentials that are owned
by user "nobody" (which is an extra pain). For that matter, what kind of
security goes on between the web server and Tomcat process (can mutual
SSL auth. be performed)?

    Any ideas or insight is greatly appreciated.

        Thanks, Jason

--
Jason Novotny               novotny@george.lbl.gov
Home: (510) 704-9917        Work: (510) 486-8662
NERSC Distributed Computing http://www-didc.lbl.gov




Mime
View raw message