I need to override a single method in a standard tomcat6 realm for a particular
webApp/context.
The method: RealmBase.getPrincipal(X509Certificate usercert)
Q1) Should I create a new custom realm (..subClass of RealmBase) which is
based-on/copied-from the original/standard tomcat realm?
rg/display/CASUM/X.509+Certificates
From: "Caldarale, Charles R"
To: Tomcat Users List
Sent: Fri, August 27, 2010 1:12:24 PM
Subject: RE: CLIENT-AUTH x509 attribute mapping to user name
> From: Michael Dockery [mailto:dockeryjava...@yahoo.com]
>
Can anyone tell me what class.method
which I would need to override
to map a client x509 cert subject/dn attribute
to a valid tomcat username (in memory realm or otherwise)
I assume the authenticator method
or perhaps the login method...
Can anyone tell me what class/method i would need to override
to make a client x509 cert subject/dn attribute
to a valid tomcat username (in memory realm or otherwise)
I assume the authenticator method
or perhaps the login method...
in my case, i am testing with clients authenticating to tomcat with dod cac
cards. (smartcards)
i downloaded the dod root p7b cert files
i checked/verified the root cert for the client cac card certs,
matched the dod root certs (in the p7b files)
i extracted ONLY the root cert's from each p7b
i had to install my ca root certs in a keystore specificed/referenced by the
"truststorefile" parameter
NOT the keystorefile parm
From: /U
To: users@tomcat.apache.org
Sent: Sat, April 10, 2010 10:07:47 AM
Subject: Re: Installing certificate chain on Tomat
h
Thank you.
So did you load the ca root cert (self-signed "top of chain") into the
truststorefile? via keytool?
also
does your web app's web.xml have the following?
CLIENT-CERT
and
...
CONFIDENTIAL
From: Goo Sam Kong
To: Tomca
I get this error when my webapp on tomcat6 connects to ms sql via 1.2 jdbc
driver using integrated auth.
com.microsoft.sqlserver.jdbc.SQLServerException: This driver is not configured
for integrated authentication.
i have the sqljdbc_auth.dll in win\sys32 and other places
the it all works wh
i agree with Chuck
and would add these commands for consideration on a windows box
netstat -ano will show the pid of any java job which is tied to a tcp port
likewise (on windows only):
wmic process get /all /value
is another win vista/win7/xp pro+ command
which will show all the outp
only working on localhost
Can you see your page from another computer without SSL?
What's your OS?
Is it possible that "the problem" is the Firewall. Can you see the port 80
and 443 are open?
2009/12/2 Pid
> On 02/12/2009 12:41, Michael Dockery wrote:
>
>>
>&g
I have gotten ssl w/self-signed cert
working on tomcat 6 a few times in the past.
I am trying it again on a different server
I am using port 443
when i attempt https://localhost
via a browswer on the server itself
the browser is properly presented with the cert warning (as i expecte
11 matches
Mail list logo
