tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From appa rao <>
Subject Re: How to use digital certificates
Date Fri, 20 Jun 2003 08:28:30 GMT
Thanks for the reply.. 
let me clearly tell you the problem..
we use certificates generated by iPlanet Certificate Server. All the client(user) certificates
are on a swipe card which are read by Gemplus card reader using USB port.... The problem is
when the user swipes it, user should automatically be authenticated..(currently we have another
web application running on iPlanet web server - which picks up username from the card and
authenticates against LDAP).  Is this possible in Tomcat?  SSL is working fine - only problem
is authentication..

Bill Barker <> wrote:
Ok, everyone else is signing their replies. I can do that too ;-).

Out-of-the-box, TC 4.1.24 has very limited support for x509 auth. Only the
(deprecated) MemoryRealm actually supports it. Also, only the Stand-Alone
JSSE Connector will correctly retrieve the x509 certs in the current release
version (the Jk-Coyote Connector is fixed in the CVS, and the fixes for the
Stand-Alone PureTLS Connector will show up before 4.1.25 comes out).

"Mario Ivankovits" wrote in message
> I have developed a solution, where you can use client-certificates for
> authentication.
> You can find information at
> Currently an implementation for "Standard LDAP" and "Windows-2000
> ActiveDirectory" is available.
> Using W2K-AD you might have troubles, since i have tested it only with two
> different client-certificates.
> Mainly you have to import the certificate in your LDAP Server, and then
> user-mapping is done by my JNDIRealm* classes.
> Mario
> ----- Original Message -----
> From: "appa rao" 
> To: 
> Sent: Friday, June 20, 2003 7:33 AM
> Subject: How to use digital certificates
> > Hi,
> >
> > Can any one give me an example of how to use Digital Certificates for
> authentication and authorizatioin in Tomcat? I am struggling to under the
> concept of certificates and their use in authentication and
> I am using Tomcat - 4.1.24.
> >
> > Thanks in advance..
> >
> > appa
> >
> > SMS using the Yahoo! Messenger;Download latest version.
> ATTACHMENT part 2 application/x-pkcs7-signature name=smime.p7s 
SMS using the Yahoo! Messenger;Download latest version.
  • Unnamed multipart/alternative (inline, 8-Bit, 0 bytes)
View raw message