tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pid <...@pidster.com>
Subject Re: Client Authentication--getting certificate information on the server side
Date Mon, 06 Feb 2012 17:19:52 GMT
On 06/02/2012 17:01, Sanjeev Sharma wrote:
> Hello,
> 
> I'm trying to configure client authentication in Tomcat 7 on Windows 7.  I have the following
connector in the server.xml:
> 
> <Connector port="443"
>            protocol="HTTP/1.1"
>            SSLEnabled="true"
>            maxThreads="150"
>            scheme="https"
>            secure="true"
>            keystoreFile="d:\certs\server_cert.jks"
>            keystorePass="changeit"
>            truststoreFile="d:\certs\truststore.jks"
>            truststorePass="changeit"
>            clientAuth="true"
>            sslProtocol="TLS" />
> 
> In my web.xml I have the following :
> 
>     <login-config>
>         <auth-method>CLIENT-CERT</auth-method>
>         <realm-name>PKI Enabled App</realm-name>
>     </login-config>
> 
> This forces client authentication when I try to access the app using a browser and when
I provide a trusted certificate, I'm able get authenticated.  After the authentication I was
expecting to get the client certificate information in the session, but I get nothing.  How
do I pass the Common Name from the subject line of the client certificate to the server during
authentication so that I can access it from a struts action?
> 
> Thanks in advance.

There are a number of variables (javax.servlet.request.ssl*) available
in the *request* rather than the session.  Which ones are you trying to
access?

There's a list of various relevant things here:

http://svn.apache.org/repos/asf/tomcat/trunk/java/org/apache/catalina/Globals.java


p





-- 

[key:62590808]


Mime
View raw message