tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Antony GUILLOTEAU <antony.guillot...@systeme-u.fr>
Subject Rép. : Re: How show CLIENT-CERT Realm
Date Thu, 22 Sep 2005 06:45:25 GMT
Thanks.
Like I've found nothing, I'm choosing a solution like this.
So it is impossible to show CLIENT-CERT realm like response.setHeader("WWW-Authenticate",
"CLIENT-CERT realm=\"myName\"");

I've an another question : how to redirect an request to the secure port within a serlvet
? I post a new message.



>>> markt@apache.org 21/09/2005 21:15:39 >>>
Antony GUILLOTEAU wrote:
> I'm able to show the login window of a basic realm with following code :
>    response.setHeader("WWW-Authenticate", "BASIC realm=\"myName\"");
>    response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
> 
> Now I wish to show the window like CLIENT-CERT : when all realm parameters are set in
the web.xml that 's work fine. But I want to do the same thing programmaticly with response.sendError(HttpServletResponse.SC_UNAUTHORIZED).
> 
> I think it is done in the tomcat code ... but where ?
> 
> Thanks

It is done in o.a.c.authenticator.AuthenticatorBase and the process is 
basically issue a redirect to SSL. You will need to set the clientAuth 
attribute on the connector to true to require all connections to 
present a client certificate. If you want to validate the clienbt 
certificate, have a look at o.a.c.authenticator.SSLAuthenticator

Mark



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message