tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sander Smith <ssmith3...@rogers.com>
Subject Re: SSL Client Authorization
Date Tue, 01 Jun 2004 13:25:39 GMT
Doug,

Thanks for your help but this isn't what I need. Yes, I want the client to 
present a certificate for validation during the SSL handshake, but your 
solution is not available to me. You suggest putting something in a config 
file, but I'm running Tomcat embedded, so all of the configuration is 
happening programmatically.

I have a org.apache.coyote.tomcat5.CoyoteConnector and I call 
setKeystoreFile(...), setKeyAlias(...), etc. to set up the server side SSL, 
and this is working great. When I want to request a client certificate I 
would expect to call setClientAuth(...) to do this. However, I'd expect to 
pass a boolean into this method, but instead, the interface requires a 
String!!! To make matters worse, there's no documentation to say what this 
string is.

Does anyone know how to do this programmatically??

Sander Smith

At 08:20 AM 6/1/2004 -0400, you wrote:
>Sander,
>
>If what you want is to have the client present a certificate for validation,
>then in your connector have something like
>
>clientAuth="true"
>
>See
>http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html
>
>If you are looking for something different let us know.
>
>Doug
>www.parsonstechnical.com
>
>
>
>----- Original Message -----
>From: "Sander Smith" <ssmith3988@rogers.com>
>To: <tomcat-user@jakarta.apache.org>
>Sent: Tuesday, June 01, 2004 6:29 AM
>Subject: SSL Client Authorization
>
>
> > I'm writing an application with SSL that's been working fine, and would
> > like to enable client authorization. It seemed like the thing to do was go
> > to my connector (org.apache.coyote.tomcat5.CoyoteConnector) and enable it
> > there. Lo and behold there is a method (setClientAuth) that seems to do
> > what I want, but for some strange reason it takes a string as an argument
> > instead of a boolean. What am I missing here?? How do I enable this?
> >
> > Sander Smith
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >
> >
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message