tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sander Smith <>
Subject Re: SSL Client Authorization
Date Tue, 01 Jun 2004 13:25:39 GMT

Thanks for your help but this isn't what I need. Yes, I want the client to 
present a certificate for validation during the SSL handshake, but your 
solution is not available to me. You suggest putting something in a config 
file, but I'm running Tomcat embedded, so all of the configuration is 
happening programmatically.

I have a org.apache.coyote.tomcat5.CoyoteConnector and I call 
setKeystoreFile(...), setKeyAlias(...), etc. to set up the server side SSL, 
and this is working great. When I want to request a client certificate I 
would expect to call setClientAuth(...) to do this. However, I'd expect to 
pass a boolean into this method, but instead, the interface requires a 
String!!! To make matters worse, there's no documentation to say what this 
string is.

Does anyone know how to do this programmatically??

Sander Smith

At 08:20 AM 6/1/2004 -0400, you wrote:
>If what you want is to have the client present a certificate for validation,
>then in your connector have something like
>If you are looking for something different let us know.
>----- Original Message -----
>From: "Sander Smith" <>
>To: <>
>Sent: Tuesday, June 01, 2004 6:29 AM
>Subject: SSL Client Authorization
> > I'm writing an application with SSL that's been working fine, and would
> > like to enable client authorization. It seemed like the thing to do was go
> > to my connector (org.apache.coyote.tomcat5.CoyoteConnector) and enable it
> > there. Lo and behold there is a method (setClientAuth) that seems to do
> > what I want, but for some strange reason it takes a string as an argument
> > instead of a boolean. What am I missing here?? How do I enable this?
> >
> > Sander Smith
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail:
> > For additional commands, e-mail:
> >
> >
>To unsubscribe, e-mail:
>For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message