tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hassan Schroeder" <hassan.schroe...@gmail.com>
Subject Re: Handling expired client certificate
Date Wed, 01 Nov 2006 15:17:57 GMT
On 11/1/06, Subscriber <subscriber@sepo.dk> wrote:
> Hi,
>
> I've configured Tomcat 5.5.17 to use CLIENT-CERT as authentication
> mechanism via web.xml in my web application. This works as expected and
> the user gets prompted for a certificate. I'm facing a problem, because
> when the user supplies a certificate that has expired Tomcat throws an
> exception in the log like this:
>
> INFO: SSL Error getting client Certs
> javax.net.ssl.SSLHandshakeException:
> java.security.cert.CertificateExpiredException: NotAfter: Thu Jan 19
> 08:40:14 CET 2
> 006

> My problem is, that I would like to handle the case myself and avoid
> exceptions in the log and present the user with a good error message. In
> this case, the user has no clue what-so-ever of what happened because
> the error remains within Tomcat. What can I do to catch the error myself?

Have you tried something like this in your web.xml?

<error-page>
 <exception-type>java.security.cert.CertificateExpiredException</exception-type>
 <location>/WEB-INF/errors/expired.jsp</location>
</error-page>

-- 
Hassan Schroeder ------------------------ hassan.schroeder@gmail.com

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message