Diego Ballve [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Hello,
I'm using ssl client authentication with Tomcat 5.0.28. I have configured
it to use my truststoreFile and all works fine there.
I have added a feature to my webapp (The freebXML Registry,
http://ebxmlrr.sourceforge.net/) to allow the user to register his own
certificate when creating an user account. The certificate gets added to
truststoreFile and other account details are set.
My problem is that the SSL Connector will only read the truststoreFile
when it is initialized. What I would like to have something monitoring the
keystore file for changes and reload it to to the connector when it
happens. I could not find a way to do it yet by checking the source for
JSSEConnector (method init() triggers keystore loading). Has anybody done
something similar??
Strangely, there seems to be more requests to do this sort of thing. Take a
look at http://issues.apache.org/bugzilla/show_bug.cgi?id=34643.
It's possible to bounce the Connector using JMX (which probably isn't good
enough, since it bounces already-connected sessions as well). Otherwise,
no, Tomcat currently initializes the TrustStore on startup, and won't
re-initialize it afterwards.
As always, patches are always welcome :).
Another posibility would be to re-initialize the connector every hour, fo
instance. There would be some delay after registration but user could be
pacient and wait a bit. Is this easy to achieve/configure??
Thanks,
Diego
--
Diego Ballve
Digital Artefacts Europe
http://www.digital-artefacts.fi/
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]