Thanks for the reply.. let me clearly tell you the problem.. we use certificates generated by iPlanet Certificate Server. All the client(user) certificates are on a swipe card which are read by Gemplus card reader using USB port.... The problem is when the user swipes it, user should automatically be authenticated..(currently we have another web application running on iPlanet web server - which picks up username from the card and authenticates against LDAP). Is this possible in Tomcat? SSL is working fine - only problem is authentication.. Thanks Appa
Bill Barker <[EMAIL PROTECTED]> wrote: Ok, everyone else is signing their replies. I can do that too ;-). Out-of-the-box, TC 4.1.24 has very limited support for x509 auth. Only the (deprecated) MemoryRealm actually supports it. Also, only the Stand-Alone JSSE Connector will correctly retrieve the x509 certs in the current release version (the Jk-Coyote Connector is fixed in the CVS, and the fixes for the Stand-Alone PureTLS Connector will show up before 4.1.25 comes out). "Mario Ivankovits" wrote in message news:[EMAIL PROTECTED] > I have developed a solution, where you can use client-certificates for user > authentication. > > You can find information at > http://nagoya.apache.org/bugzilla/show_bug.cgi?id=7831 > > Currently an implementation for "Standard LDAP" and "Windows-2000 > ActiveDirectory" is available. > Using W2K-AD you might have troubles, since i have tested it only with two > different client-certificates. > > Mainly you have to import the certificate in your LDAP Server, and then the > user-mapping is done by my JNDIRealm* classes. > > Mario > > > ----- Original Message ----- > From: "appa rao" > To: > Sent: Friday, June 20, 2003 7:33 AM > Subject: How to use digital certificates > > > > Hi, > > > > Can any one give me an example of how to use Digital Certificates for > authentication and authorizatioin in Tomcat? I am struggling to under the > concept of certificates and their use in authentication and authorization.. > I am using Tomcat - 4.1.24. > > > > Thanks in advance.. > > > > appa > > > > SMS using the Yahoo! Messenger;Download latest version. > > ATTACHMENT part 2 application/x-pkcs7-signature name=smime.p7s SMS using the Yahoo! Messenger;Download latest version.
