"Walden Mathews" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hello Tomcat Users, > > Is there Tomcat 4 documentation on: >
Tomcat 5 has a mention (specific to TC 5, but may get back-ported to 4.1.x). > (1) How to configure Tomcat's trust store; -Djavax.net.ssl.trustStore=/path/to/TrustStore \ -Djavax.net.ssl.trustStorePassword=<your-password-here> In theory, you should also be able to configure it via JMX in 4.1.29, but I don't remember the OName off of the top of my head. > > (2) How to map trusted certificate Subject onto > tomcat-users credentials (or how does HTTP > auth proceed when using CLIENT-CERT)? > Only MemoryRealm (of the Tomcat-supplied Realms) supports CLIENT-CERT. The user name in tomcat-users.xml is the DN (aka Subject), and the password is ignored. I believe that there are patches floating around Bugzilla for JDBCRealm and JNDIRealm as well. If you need anything more advanced, you will probably have to roll your own Realm. > Many thanks, > > Walden Mathews --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
