tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Farrell, Patrick" <PFarr...@trusecure.com>
Subject HELP! Client Authentication in Tomcat 4.1.24
Date Wed, 23 Jul 2003 17:01:45 GMT
I am attempting to use client certificate authentication with Tomcat 4.1.24,
but each time I connect via a browser (Internet Explorer) Tomcat indicates
that it is unable to authenticate with the provided credentials.  

My client certificate is a personal certificate from Thawte.  The
corresponding root certificate already exists in my truststore.  

Shown below is my tomcat-users.xml file.  

<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
  <role rolename="user" description="Authenticated User"/>
  <role rolename="manager" description="Tomcat Manager"/>
  <role rolename="admin" description="Tomcat Administrator"/>
  <user username="administrator" password="password" roles="admin,manager"/>
  <user username="EMAILADDRESS=pfarrell@trusecure.com, CN=Thawte Freemail
Member" password="null" roles="user"/>
</tomcat-users>

Must I do anything with the client certificate in order for the server to
trust it, or does the server simply grab the DN from the certificate and
look in the realm for a user with the corresponding DN?  

Does anyone have any information or links on how to configure tomcat users
with client authentication?

Pat

***********************************************************************
This message is intended only for the use of the intended recipient and
may contain information that is PRIVILEGED and/or CONFIDENTIAL.  If you
are not the intended recipient, you are hereby notified that any use,
dissemination, disclosure or copying of this communication is strictly
prohibited.  If you have received this communication in error, please
destroy all copies of this message and its attachments and notify us
immediately.
***********************************************************************


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message