Tomcat as such on its own does not parse and validate a certificate. I don't think its possible. You can identify a client through the certificate alias the client uses. Access to specific URLs depends on the server certificate where you specify the URL and send the client your public key. I think there is no automatic mechanism in Tomcat that studies the certificate and allows access to specific URLs. This needs to be implemented by any our deployed programs.
----- Original Message ----- From: "secam secam" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[EMAIL PROTECTED]> Sent: Monday, February 23, 2004 4:17 PM Subject: Re: tomcat certificate > Thanks, > > Here is my real problem, > > I've got an external server that authentificate user and deliver a certicate with the trio User/Group/Role. > > In fact, i just want that the certificate give information of the user to tomcat in order to permit the access to some specifics url. > > Is it possible? > > Regard's > > Secam > > Rommel Sharma <[EMAIL PROTECTED]> wrote: > If you mean two way authentication using SSL, then you have to write the > code that reads clients certificate and matches it with one present in > client keystore on the server. You enable client authentication in > server.xml for this and specify the serverkeystore and password in it. > Regards, > Rommel Sharma. > > ----- Original Message ----- > From: "secam secam" > To: > Sent: Monday, February 23, 2004 3:30 PM > Subject: tomcat certificate > > > hello, > > > > I'm a new user of tomcat. > > Can tomcat authenticate a user with a certifcate ? > > > > Thanks, > > Secam > > > > > > --------------------------------- > > Yahoo! Mail : votre e-mail personnel et gratuit qui vous suit partout ! > > Cr�ez votre Yahoo! Mail > > ********************************************************* > Disclaimer > > This message (including any attachments) contains > confidential information intended for a specific > individual and purpose, and is protected by law. > If you are not the intended recipient, you should > delete this message and are hereby notified that > any disclosure, copying, or distribution of this > message, or the taking of any action based on it, > is strictly prohibited. > > ********************************************************* > Visit us at http://www.mahindrabt.com > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------- > Yahoo! Mail : votre e-mail personnel et gratuit qui vous suit partout ! > Cr�ez votre Yahoo! Mail ********************************************************* Disclaimer This message (including any attachments) contains confidential information intended for a specific individual and purpose, and is protected by law. If you are not the intended recipient, you should delete this message and are hereby notified that any disclosure, copying, or distribution of this message, or the taking of any action based on it, is strictly prohibited. ********************************************************* Visit us at http://www.mahindrabt.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
