tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <>
Subject Re: Client Certificate -- All Authenticated Users
Date Tue, 08 Aug 2006 11:29:39 GMT wrote:
> The web.xml is configured in the following way to allow "all
> authenticated" user to do stuff. (To my knwoledge the * means all
> authenticated users, in my case users belonging to role1)

The "*" role does not mean all authenticated users. It means all users
with one or more roles that are defined in the this web.xml

> Is there a way to configure tomcat in such a way that, when tomcat
> accepts the client certificate, the user is automatically authenticated
> (and belongs to a default group) and the request.getUserPrincipal() is
> filled in with the relevant information from the certificate.

Sorry, no. Is setting clientAuth="true" (see sufficient?

If not other options include:
- a custom realm
- a filter looking for javax.servlet.request.X509Certificate



To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message