tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mario Ivankovits" <>
Subject Re: How to use digital certificates
Date Fri, 20 Jun 2003 09:08:50 GMT
>> we use certificates generated by iPlanet Certificate Server. All the
client(user) certificates are on a swipe card which are read by Gemplus card
>reader using USB port.... The problem is when the user swipes it, user
should automatically be authenticated..(currently we have another web
>application running on iPlanet web server - which picks up username from
the card and authenticates against LDAP).  Is this possible in
>Tomcat?  SSL is working fine - only problem is authentication..

I do not know the "iPlanet Certificate Server", we use the LDAP Server
(openldap) from SuSE OpenExchange.

*) The Browser sends the user-certificate to tomcat (standalone installation
!!). I do not know, what you mean by "the web-application pick the
username", i think such an web-application can only get the certificate.
*) JNDIRealmCertOpenExchange tries to lookup a user with this certificate
*) If a user is found, the username of this ldap-entry is used for the
resulting principal

I am not aware of the protocol iPlanet uses, if it is standard LDAP you
might have luck, else you have to write your own realm.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message