tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hendryx-Parker, Calvin" <Cal...@Epylon.com>
Subject RE: CLIENT-CERT and JDBCRealm
Date Mon, 26 Aug 2002 22:48:47 GMT
> I Have the security constraint set for the role testing in my web.xml
> file. In the logs I am getting this which make me think I am close:
>
> 2002-08-25 11:55:05 JDBCRealm[Standalone]: Authenticating client
> certificate chain
> 2002-08-25 11:55:05 JDBCRealm[Standalone]:  Checking validity for
> 'CN=Calvin Hendyrx-Parker, OU=Engineering, O=Epylon, L=San Francisco,
> ST=California, C=US'
> 2002-08-25 11:55:05 JDBCRealm[Standalone]:  Checking validity for
> 'EMAILADDRESS=calvin@epylon.com, CN=EpylonCA, OU=Engineering, O=Epylon,
> L=San Francisco, ST=California, C=US'
>
> But I still get a 401 error and it doesn't give me the message that that
> primary is in a certain role.  What am I still missing?

2002-08-26 15:23:47 MemoryRealm[Standalone]: Authenticating client 
certificate chain
2002-08-26 15:23:47 MemoryRealm[Standalone]:  Checking validity for 
'EMAILADDRESS=calvin@epylon.com, CN=Calvin, OU=Engineering, O=Epylon, L=San 
Francisco, ST=California, C=US'
2002-08-26 15:23:47 MemoryRealm[Standalone]: Username 
EMAILADDRESS=calvin@epylon.com, CN=Calvin, OU=Engineering, O=Epylon, L=San 
Francisco, ST=California, C=US has role testing

I just setup the MemoryReam with my DN as the username and it works fine, 
but I really want to use the JDBCRealm.  Anyone have any info on using the 
DN as the username and how to store it in the DB?   It seems like the 
JDBCRealm is having trouble matching the DN string in the DB.

Thanks,
Calvin

-- 
calvin hendyrx-parker              www.epylon.com
enterprise infomediary, engineering

415.593.2738 o | 415.593.2738 f

Epylon Corporation
645 Harrison Street, Suite 200
San Francisco, CA 94107

--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message