tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sanjeev Sharma <sanjeev.sha...@buchanan-edwards.com>
Subject Client Authentication--getting certificate information on the server side
Date Mon, 06 Feb 2012 17:01:20 GMT
Hello,

I'm trying to configure client authentication in Tomcat 7 on Windows 7.  I have the following
connector in the server.xml:

<Connector port="443"
           protocol="HTTP/1.1"
           SSLEnabled="true"
           maxThreads="150"
           scheme="https"
           secure="true"
           keystoreFile="d:\certs\server_cert.jks"
           keystorePass="changeit"
           truststoreFile="d:\certs\truststore.jks"
           truststorePass="changeit"
           clientAuth="true"
           sslProtocol="TLS" />

In my web.xml I have the following :

    <login-config>
        <auth-method>CLIENT-CERT</auth-method>
        <realm-name>PKI Enabled App</realm-name>
    </login-config>

This forces client authentication when I try to access the app using a browser and when I
provide a trusted certificate, I'm able get authenticated.  After the authentication I was
expecting to get the client certificate information in the session, but I get nothing.  How
do I pass the Common Name from the subject line of the client certificate to the server during
authentication so that I can access it from a struts action?

Thanks in advance.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message