It's not in web.xml.  You have to edit your <Connector> tag in
'server.xml'.  Do you have one-way authentication working (having the
server authenticate himself for a client browser connecting in)?  If you
have, you should have a <Connector> tag that looks a little like this:

        <Connector className="org.apache.tomcat.service.PoolTcpConnector">
            <Parameter name="handler"
                value="org.apache.tomcat.service.http.HttpConnectionHandler"/>
            <Parameter name="port"
                value="443"/>
            <Parameter name="socketFactory"
                value="org.apache.tomcat.net.SSLSocketFactory"/>
        </Connector>

What you need to do is add the <Parameter name="clientAuth" value="true"/>
inside that connector tag.  This should make Tomcat request a
certificate from clients connecting.

Note: this option only works in Tomcat 3.2 and later.

How (and if) you can protect specific webapps with this kind of (two-way
authentication) SSL and have other webapps open on regular SSL (or even
just regular HTTP) is another matter and I'm afraid I can't help you
with that.  Well, one thing you could do of course is have two (or three)
instances of Tomcat running.  One with two-way authentication, one with
regular SSL and one with regular HTTP.  Then you could set the webapps
in each one according to your needs... but now I'm babbling on and I
don't even know if this is at all what you need...

Regards, Stefan.

-----Original Message-----
From: Cory Hubert [mailto:[EMAIL PROTECTED]]
Sent: 2 March 2001 19:32
To: [EMAIL PROTECTED]
Subject: Client Certificate Authentication


        Anyone know how to configure your web.xml to accept
Client-Certificates.

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
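
Added example (not part of the original thread and not Tomcat's own code): a small Python audit that reads a server.xml in the style shown in the reply and reports, for each connector, whether it is plain HTTP, server-only SSL, or SSL with clientAuth enabled. The sample file, its ports, the surrounding <Server>/<ContextManager> layout and the function name classify_connectors are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the server.xml style shown in the reply
# (ports and surrounding layout are assumptions, not a real deployment).
SAMPLE_SERVER_XML = """
<Server>
  <ContextManager>
    <Connector className="org.apache.tomcat.service.PoolTcpConnector">
      <Parameter name="handler"
          value="org.apache.tomcat.service.http.HttpConnectionHandler"/>
      <Parameter name="port" value="8080"/>
    </Connector>
    <Connector className="org.apache.tomcat.service.PoolTcpConnector">
      <Parameter name="handler"
          value="org.apache.tomcat.service.http.HttpConnectionHandler"/>
      <Parameter name="port" value="443"/>
      <Parameter name="socketFactory"
          value="org.apache.tomcat.net.SSLSocketFactory"/>
    </Connector>
    <Connector className="org.apache.tomcat.service.PoolTcpConnector">
      <Parameter name="handler"
          value="org.apache.tomcat.service.http.HttpConnectionHandler"/>
      <Parameter name="port" value="8443"/>
      <Parameter name="socketFactory"
          value="org.apache.tomcat.net.SSLSocketFactory"/>
      <Parameter name="clientAuth" value="true"/>
    </Connector>
  </ContextManager>
</Server>
"""

SSL_FACTORY = "org.apache.tomcat.net.SSLSocketFactory"

def classify_connectors(server_xml):
    """Return [(port, mode)]; mode is 'http', 'ssl' or 'ssl+clientAuth'."""
    results = []
    for conn in ET.fromstring(server_xml).iter("Connector"):
        # Collect the connector's <Parameter name=... value=.../> children.
        params = {p.get("name"): p.get("value") for p in conn.findall("Parameter")}
        if params.get("socketFactory") != SSL_FACTORY:
            mode = "http"              # no SSL socket factory configured
        elif (params.get("clientAuth") or "").strip().lower() == "true":
            mode = "ssl+clientAuth"    # server requests a client certificate
        else:
            mode = "ssl"               # server-only (one-way) authentication
        results.append((params.get("port"), mode))
    return results

if __name__ == "__main__":
    for port, mode in classify_connectors(SAMPLE_SERVER_XML):
        print(f"port {port}: {mode}")
```

Element and parameter names are matched case-sensitively here, so a parameter written as <parameter> would not be counted and the connector would be reported as "ssl".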

