may be that article helps: http://www.tomcatexpert.com/blog/2012/07/10/enabling-ssl-communication-and-client-certificate-authentication-between-apache-web-
burghard. Am 12.07.2012 um 01:25 schrieb Jeffrey Janner: > Reposting to the list, as that's the way.... > > Esmond, > We already implement your solution, with the exception of the SSL Client > Certificate. > That is what I was aiming for. > Thanks for the pointer to AuthenticRoast. We'll give it a look. > I've also seen something in the Apache tools called TripleSec which looks > interesting. But really just looking for some additional info on how the > client SSL stuff really works. > Jeff > >> -----Original Message----- >> From: Esmond Pitt [mailto:esmond.p...@bigpond.com] >> Sent: Wednesday, July 11, 2012 5:58 PM >> To: Jeffrey Janner >> Subject: RE: Client Authentication using SSL >> >> Jeffrey >> >> 'Two-factor authentication' isn't supported by Tomcat natively. Have a >> look for a package in Google Code called AuthenticRoast. I contributed >> a JAAS layer to it myself. I am using it for a scenario where I have >> these >> 'factors': >> >> - SSL client certificate >> - 'ticket' (a UID in the URL, e.g. for password resets) >> - form >> >> >> EJP >> >> -----Original Message----- >> From: Jeffrey Janner [mailto:jeffrey.jan...@polydyne.com] >> Sent: Thursday, 12 July 2012 3:15 AM >> To: 'Tomcat Users List' >> Subject: RE: Client Authentication using SSL >> >>> -----Original Message----- >>> From: Jeffrey Janner [mailto:jeffrey.jan...@polydyne.com] >>> Sent: Wednesday, July 11, 2012 11:36 AM >>> To: 'Tomcat Users List' >>> Subject: Client Authentication using SSL >>> >>> Looking into implemented two-factor Auth for Tomcat with first factor >>> being our current userid/password form. >>> I figured that the second factor could be Client Authentication using >>> SSL, as it seems readily available in Tomcat. >>> Aside from the wonderful Tomcat documentation on configuring the >>> <connector> element, does anyone else have any suggested reading on >>> the subject? >>> Any gotchas I should look for? >>> >>> Jeffrey Janner >>> >> ______________________________________________________________________ >>> _ >> >> Forgot to mention that I'd be running under APR/native. >> _______________________________________________________________________ >> ___ >> >> Confidentiality Notice: This Transmission (including any attachments) >> may contain information that is privileged, confidential, and exempt >> from disclosure under applicable law. If the reader of this message is >> not the intended recipient you are hereby notified that any >> dissemination, distribution, or copying of this communication is >> strictly prohibited. >> >> If you have received this transmission in error, please immediately >> reply to the sender or telephone (512) 343-9100 and delete this >> transmission from your system. >> >> >> > > __________________________________________________________________________ > > Confidentiality Notice: This Transmission (including any attachments) may > contain information that is privileged, confidential, and exempt from > disclosure under applicable law. If the reader of this message is not the > intended recipient you are hereby notified that any dissemination, > distribution, or copying of this communication is strictly prohibited. > > If you have received this transmission in error, please immediately reply to > the sender or telephone (512) 343-9100 and delete this transmission from your > system. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
