tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Gronosky <agron...@bbn.com>
Subject Re: Newbie question re certificates
Date Tue, 02 Dec 2014 13:25:16 GMT

On 2014-12-02 08:09, Andrew Gronosky wrote:
>
> As I discovered yesterday, if you have a client cert that is signed by 
> a CA that Tomcat trusts, but whose name (synonymously, CN) does not 
> map to a recognized user, then you will connect to Tomcat but get an 
> HTTP 401 error as your response.  If the user name is recognized but 
> lacks the required role, you get HTTP 403.
>
Correction: you get HTTP 401 in both cases, I misremembered.

-- 
Andrew Gronosky
Raytheon BBN Technologies
10 Moulton Street
Cambridge, MA 02138

voice: 617-873-3486


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message