Setting clientAuth to true / false in the Connector configuration
works fine, but how do I configure client authenticaton on a
per-directory or even per-servlet basis?
This is my current configuration:
In server.xml:
<Connector port="8443"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" debug="0" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="\...\keystore.jks" keystorePass="wonttell"
truststoreFile="\...\truststore.jks" truststorePass="wonttell"
/>
In web.xml:
<security-constraint>
<web-resource-collection>
<url-pattern>/html/*</url-pattern>
</web-resource-collection>
<auth-constraint/>
<user-data-constraint/>
</security-constraint>
<login-config>
<auth-method>CLIENT-CERT</auth-method>
</login-config>
And here are the results I get:
https://domain/anypage : OK
https://domain/html/anypage : HTTP Status 403 - Access to the
requested resource has been denied
The logfile says:
01.02.2006 15:19:57 org.apache.coyote.http11.Http11Processor action
WARNING: Exception getting SSL Cert
java.net.SocketException: Socket Closed
What's wrong with my configuration?
Markus
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
