I didn't like this implementation. (Or I haven't understood) When Tomcat is configured for SSL with client cert authentication required, it already uses a keystore (connector tag in server.xml). This keystore contains only the server certificate. The clients certificates is authenticated against trusted CA certificates configured in keystore "JAVA_HOME\lib\security\cacerts". When the client certificate was produced from a trusted CA in the cacerts keystore it is included in request attribute "javax.servlet.request.X509Certificate". It would be better to authenticate with the certificate in this variable against the portal Users Table, I think.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3875297#3875297 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3875297 ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ JBoss-Development mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-development
