Return-Path: Delivered-To: apmail-tomcat-dev-archive@www.apache.org Received: (qmail 27825 invoked from network); 7 Feb 2006 16:07:30 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199) by minotaur.apache.org with SMTP; 7 Feb 2006 16:07:30 -0000 Received: (qmail 20547 invoked by uid 500); 7 Feb 2006 16:07:24 -0000 Delivered-To: apmail-tomcat-dev-archive@tomcat.apache.org Received: (qmail 20507 invoked by uid 500); 7 Feb 2006 16:07:23 -0000 Mailing-List: contact dev-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Developers List" Delivered-To: mailing list dev@tomcat.apache.org Received: (qmail 20496 invoked by uid 500); 7 Feb 2006 16:07:23 -0000 Delivered-To: apmail-jakarta-tomcat-dev@jakarta.apache.org Received: (qmail 20493 invoked by uid 99); 7 Feb 2006 16:07:23 -0000 X-ASF-Spam-Status: No, hits=0.6 required=10.0 tests=NO_REAL_NAME X-Spam-Check-By: apache.org Received: from [192.87.106.226] (HELO ajax.apache.org) (192.87.106.226) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 07 Feb 2006 08:07:23 -0800 Received: by ajax.apache.org (Postfix, from userid 99) id 32427DE; Tue, 7 Feb 2006 17:07:01 +0100 (CET) From: bugzilla@apache.org To: tomcat-dev@jakarta.apache.org Subject: DO NOT REPLY [Bug 38555] New: - CLIENT-CERT authentication fails with UserDatabase Realm Message-ID: X-Bugzilla-Reason: AssignedTo Date: Tue, 7 Feb 2006 17:07:01 +0100 (CET) X-Virus-Checked: Checked by ClamAV on apache.org X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG� RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND� INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bug.cgi?id=38555 Summary: CLIENT-CERT authentication fails with UserDatabase Realm Product: Tomcat 5 Version: 5.0.28 Platform: Other OS/Version: other Status: NEW Severity: normal Priority: P2 Component: Connector:Coyote AssignedTo: tomcat-dev@jakarta.apache.org ReportedBy: axianx@gmail.com I have set up SSL CLIENT-CERT authentication using the MemoryRealm: server.xml ========== .. tomcat-users.xml ================ ... ... web.xml =======

/secret/*

myrole>

CONFIDENTIAL

CLIENT-CERT

myrole

This works fine. The Bug ======= It does not work using the UserDatabase Realm: factory org.apache.catalina.users.MemoryUserDatabaseFactory pathname conf/tomcat-users.xml Error Message ============= I always get access denied for the protected URL even if I have the right SSL client certificate in the browser keystore AND the right clientcert metadata in the tomcat-user definition. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org For additional commands, e-mail: dev-help@tomcat.apache.org