tomcat-users mailing list archives

From "Bill Barker" <wbar...@wilshire.com>
Subject Re: tomcat ssl client authentication
Date Thu, 13 Sep 2007 01:49:47 GMT

"Shuwen" <wenxue_2004@yahoo.com> wrote in message 
news:303044.1576.qm@web50412.mail.re2.yahoo.com...
> Hi,
>     I would like to find out how to configure client authentication when 
> enabling tomcat to run on https.  From 
> http://tomcat.apache.org/tomcat-5.0-doc/ssl-howto.html, it says that
>
>  *******************
>   For using clientAuth on a per-user or per-session basis, check out the 
> tips in Bugzilla 34643.
>  ******************
>  Does it mean that if I would like to configure client authentication, I 
> need to patch the .java file on
>  http://issues.apache.org/bugzilla/show_bug.cgi?id=34643?
>

This is mostly about "advanced topics" (e.g. adding users on the fly, 
allowing the webapp to validate the cert).  Most people get by with putting:
    <login-config>
        <auth-method>CLIENT-CERT</auth-method>
    </login-config>
in their web.xml file, and configuring the truststore* attributes on the 
<Connector /> in server.xml.

Note, if you apply the patch in 34643, then you are requiring your webapp to 
authorise access to resources based on the client cert.


>     I have found various sources on internet regarding the issue.  Can 
> anyone recommend a reliable way or point me to the reference for 
> configuring client authentication?
>
>



>
>  Thanks a lot in advance,
>
>  Shuwen
>
>




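The setup described in the reply above, written out as an added example (not part of the original message and not taken from the Tomcat documentation): a server.xml connector with the truststore* attributes set, and a web.xml that requires CLIENT-CERT for a protected path. File paths, passwords, the URL pattern and the role name are constructed placeholders; the attribute names are those of the Tomcat 5.5/6.0 JSSE connector.

```xml
<!-- conf/server.xml: HTTPS connector. All values are placeholders.
     Tomcat 6.0 additionally needs SSLEnabled="true" on this element. -->
<Connector port="8443" scheme="https" secure="true" sslProtocol="TLS"
           keystoreFile="conf/server.jks"   keystorePass="CHANGE_ME"
           truststoreFile="conf/clients-ca.jks" truststorePass="CHANGE_ME"
           truststoreType="JKS"
           clientAuth="false" />
<!-- clientAuth values:
       false : a certificate is requested only when a resource protected by
               a CLIENT-CERT security constraint is accessed
       want  : requested during every handshake, but the connection is still
               accepted if the client presents none
       true  : the handshake fails without a valid client certificate chain
     The truststore decides which issuers are accepted. Put only the CA(s)
     that issue your client certificates in it; if the truststore* attributes
     are left out, the JVM's default trusted CAs are used instead. -->

<!-- WEB-INF/web.xml: require a client certificate for /secure/* -->
<security-constraint>
    <web-resource-collection>
        <web-resource-name>Protected area</web-resource-name>
        <url-pattern>/secure/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <!-- placeholder role; the configured Realm must contain a user whose
             name is the certificate's subject DN and who holds this role,
             otherwise a valid certificate is still refused -->
        <role-name>certuser</role-name>
    </auth-constraint>
    <user-data-constraint>
        <!-- redirect plain-HTTP requests for this path to the SSL connector -->
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>
<login-config>
    <auth-method>CLIENT-CERT</auth-method>
</login-config>
<security-role>
    <role-name>certuser</role-name>
</security-role>
```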

