Humm... When I set SSL connector with clientAuth="true", Tomcat 5 gives me this,
Handshake failed javax.net.ssl.SSLHandshakeException: javax.net.ssl.SSLProtocolException: handshake alert: no_certificate On Thu, 2002-09-19 at 01:09, [EMAIL PROTECTED] wrote: > billbarker 2002/09/18 22:09:28 > > Modified: util/java/org/apache/tomcat/util/net JSSESocketFactory.java > Log: > Fix problem with JSSE not honoring "clientauth". > > Now there should be now reason for anyone to believe that CertificatesValve should >be used ever with the CoyoteConnector. :-) > > Revision Changes Path > 1.3 +16 -2 >jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/JSSESocketFactory.java > > Index: JSSESocketFactory.java > =================================================================== > RCS file: >/home/cvs/jakarta-tomcat-connectors/util/java/org/apache/tomcat/util/net/JSSESocketFactory.java,v > retrieving revision 1.2 > retrieving revision 1.3 > diff -u -r1.2 -r1.3 > --- JSSESocketFactory.java 18 Sep 2002 15:10:04 -0000 1.2 > +++ JSSESocketFactory.java 19 Sep 2002 05:09:28 -0000 1.3 > @@ -161,7 +161,18 @@ > > //determine whether we want client authentication > // the presence of the attribute enables client auth > - clientAuth = null != (String)attributes.get("clientauth"); > + String clientAuthStr=(String)attributes.get("clientauth"); > + if(clientAuthStr != null){ > + if(clientAuthStr.equals("true")){ > + clientAuth=true; > + } else if(clientAuthStr.equals("false")) { > + clientAuth=false; > + } else { > + throw new IOException("Invalid value '" + > + clientAuthStr + > + "' for 'clientauth' parameter:"); > + } > + } > > String keyPass=(String)attributes.get("keypass"); > if( keyPass==null) keyPass=defaultKeyPass; > @@ -224,11 +235,14 @@ > public Socket acceptSocket(ServerSocket socket) > throws IOException > { > + SSLSocket asock = null; > try { > - return socket.accept(); > + asock = (SSLSocket)socket.accept(); > + asock.setNeedClientAuth(clientAuth); > } catch (SSLException e){ > throw new SocketException("SSL handshake error" + e.toString()); > } > + return asock; > } > > /** Set server socket properties ( accepted cipher suites, etc) > > > > > -- > To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>