Hi,
I add to the web.xml <security-constraint> <display-name>Secure Application</display-name> <web-resource-collection> <web-resource-name> Secure Application</web-resource-name> <url-pattern>/app/cert/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>tomcat</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>CLIENT-CERT</auth-method> <realm-name>Secure Application</realm-name> </login-config> <security-role> <role-name>tomcat</role-name> </security-role> ...and SSL client authentication works until Tomcat try to map client certificate to user or group. So how I should configure client certificate - user/group mapping? Br, Petri