tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tony Dahbura <tony.dahb...@eds.com>
Subject Re: Activating clientAuth for just one servlet
Date Thu, 13 Feb 2003 18:19:35 GMT
Peter:
I had the same problem.  You need a realm definition for this and you probably want to look
at
the cert within your servlet but otherwise just leave it alone.

I ended up writing a realm module that basically just passes on the credentials but allows
people
in.

I can email it to you if you want.  Contact me directly.

Tony


Peter Boevink wrote:

> Do I have to add the security constraint to the web.xml of the specific servlet?
> If I do that, my tomcat logger tells me: No Realm has been configured to authenticate
against
>
> -----Original Message-----
> From: Bill Barker [mailto:wbarker@wilshire.com]
> Sent: Thursday, February 13, 2003 10:25 AM
> To: tomcat-user@jakarta.apache.org
> Subject: Re: Activating clientAuth for just one servlet
>
> Assuming that no other servlet in the webapp requires authentication, then
> you can remove the 'clientAuth' from the Connector.  Then set up a:
> <security-constraint>
>   <web-resource-collection>
>      <web-resource-name>SomeName</web-resource-name>
>      <url-pattern>/servlet/MyServlet/*</urlpattern>
>   </web-resource-collection>
> </security-constraint>
> <login-config>
>   <auth-method>CLIENT-CERT</auth-method>
> </login-config>
>
> Tomcat (at least 4.1.18 and higher) will then request the client cert only
> when accessing MyServlet.
>
> The above only applies to Tomcat Stand-Alone.  If you are running behind
> Apache, then you need to request the cert using the standard Apache options
> in a <Location> tag.
> "Peter Boevink" <peter.boevink@alfa-ariss.com> wrote in message
> news:62E22079089F134682AD19324A0C115F04C283@christine.alfa-ariss.com...
> Hi,
>
> I'm using tomcat 4.1 and have several servlets running on it.
> Now I have one servlet that needs client authentication (SSL).
> I do not want all servlets to force client authentication but only that
> perticular one.
> All other servlets will use SSL.
>
> Tomcat is now configured to use SSL and clientAuth, which works fine.
> But all servlets requested now need a client certificate, is there a way to
> activate clientAuth only for one servlet?
>
> Thank, Peter
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

--
Tony Dahbura
Deployment Director
Opsware Business Practice
EDS Inc.
13900 Lincoln Park Drive
Suite 405/WH-OPS
Herndon, VA  20171
voice: 703.742.1280
fax: 703.742.1163
tony.dahbura@eds.com



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message