Reposting to the list, as that's the way....

Esmond,

We already implement your solution, with the exception of the SSL Client Certificate. That is what I was aiming for.

Thanks for the pointer to AuthenticRoast. We'll give it a look. I've also seen something in the Apache tools called TripleSec which looks interesting. But really just looking for some additional info on how the client SSL stuff really works.

Jeff

> -----Original Message-----
> From: Esmond Pitt [mailto:esmond.p...@bigpond.com]
> Sent: Wednesday, July 11, 2012 5:58 PM
> To: Jeffrey Janner
> Subject: RE: Client Authentication using SSL
>
> Jeffrey
>
> 'Two-factor authentication' isn't supported by Tomcat natively. Have a
> look for a package in Google Code called AuthenticRoast. I contributed
> a JAAS layer to it myself. I am using it for a scenario where I have
> these 'factors':
>
> - SSL client certificate
> - 'ticket' (a UID in the URL, e.g. for password resets)
> - form
>
> EJP
>
> -----Original Message-----
> From: Jeffrey Janner [mailto:jeffrey.jan...@polydyne.com]
> Sent: Thursday, 12 July 2012 3:15 AM
> To: 'Tomcat Users List'
> Subject: RE: Client Authentication using SSL
>
> > -----Original Message-----
> > From: Jeffrey Janner [mailto:jeffrey.jan...@polydyne.com]
> > Sent: Wednesday, July 11, 2012 11:36 AM
> > To: 'Tomcat Users List'
> > Subject: Client Authentication using SSL
> >
> > Looking into implementing two-factor Auth for Tomcat with first factor
> > being our current userid/password form.
> > I figured that the second factor could be Client Authentication using
> > SSL, as it seems readily available in Tomcat.
> > Aside from the wonderful Tomcat documentation on configuring the
> > <connector> element, does anyone else have any suggested reading on
> > the subject?
> > Any gotchas I should look for?
> >
> > Jeffrey Janner
>
> Forgot to mention that I'd be running under APR/native.
>
> Confidentiality Notice: This Transmission (including any attachments)
> may contain information that is privileged, confidential, and exempt
> from disclosure under applicable law. If the reader of this message is
> not the intended recipient you are hereby notified that any
> dissemination, distribution, or copying of this communication is
> strictly prohibited.
>
> If you have received this transmission in error, please immediately
> reply to the sender or telephone (512) 343-9100 and delete this
> transmission from your system.