I need to override a single method in a standard tomcat6 realm for a particular
webApp/context.
The method: RealmBase.getPrincipal(X509Certificate usercert)
Q1) Should I create a new custom realm (..subClass of RealmBase) which is
based-on/copied-from the original/standard tomcat
Can anyone tell me what class/method i would need to override
to make a client x509 cert subject/dn attribute
to a valid tomcat username (in memory realm or otherwise)
I assume the authenticator method
or perhaps the login method...
Can anyone tell me what class.method
which I would need to override
to map a client x509 cert subject/dn attribute
to a valid tomcat username (in memory realm or otherwise)
I assume the authenticator method
or perhaps the login method...
/CASUM/X.509+Certificates
From: Caldarale, Charles R chuck.caldar...@unisys.com
To: Tomcat Users List users@tomcat.apache.org
Sent: Fri, August 27, 2010 1:12:24 PM
Subject: RE: CLIENT-AUTH x509 attribute mapping to user name
From: Michael Dockery [mailto:dockeryjava
in my case, i am testing with clients authenticating to tomcat with dod cac
cards. (smartcards)
i downloaded the dod root p7b cert files
i checked/verified the root cert for the client cac card certs,
matched the dod root certs (in the p7b files)
i extracted ONLY the root cert's from each
i had to install my ca root certs in a keystore specificed/referenced by the
truststorefile parameter
NOT the keystorefile parm
From: /U uma...@comcast.net
To: users@tomcat.apache.org
Sent: Sat, April 10, 2010 10:07:47 AM
Subject: Re: Installing certificate
Thank you.
So did you load the ca root cert (self-signed top of chain) into the
truststorefile? via keytool?
also
does your web app's web.xml have the following?
login-config
auth-methodCLIENT-CERT/auth-method
/login-config
and
security-constraint
...
user-data-constraint
I get this error when my webapp on tomcat6 connects to ms sql via 1.2 jdbc
driver using integrated auth.
com.microsoft.sqlserver.jdbc.SQLServerException: This driver is not configured
for integrated authentication.
i have the sqljdbc_auth.dll in win\sys32 and other places
the it all works
8:13:58 AM
Subject: Re: SSL only working on localhost
Can you see your page from another computer without SSL?
What's your OS?
Is it possible that the problem is the Firewall. Can you see the port 80
and 443 are open?
2009/12/2 Pid p...@pidster.com
On 02/12/2009 12:41, Michael Dockery wrote
i agree with Chuck
and would add these commands for consideration on a windows box
netstat -ano will show the pid of any java job which is tied to a tcp port
likewise (on windows only):
wmic process get /all /value
is another win vista/win7/xp pro+ command
which will show all the
I have gotten ssl w/self-signed cert
working on tomcat 6 a few times in the past.
I am trying it again on a different server
I am using port 443
when i attempt https://localhost
via a browswer on the server itself
the browser is properly presented with the cert warning (as i
11 matches
Mail list logo
