Hi,
I'm using Tomcat with SSL and authentication with
client certificates.
When I take the certificate with request.getAttribute(
"javax.servlet.request.X509Certificate"), I have
the correct certificate, but if I take it after a few
minutes, I have null (probably, the SSL session
is expired)
e private key. This also
forces the client to send a certificate.
andreas
Luis Pascual Forner schrieb:
No, because I want that the certificate was
required ONLY when I acces to some pages.
In fact, this is how now works, but sometimes
the method getAttribute("javax.servlet.request.X509Certif
I need it.
thanks,
Luis
ahuelsing escribió:
Hi,
you have to set clientAuth="true"
andreas
Luis Pascual Forner schrieb:
Thanks, Bill,
I use the JIO connector.
That's my server.xml:
className="org.apache.catalina.mbeans.ServerLif
Thanks, Steve
With
response.setHeader("Cache-Control", "cache");
response.setHeader("Pragma", "cache");
runs OK in IE
regards,
Luis
Steve Ochani escribió:
Date sent: Thu, 05 Jun 2008 10:36:32 +0200
From:
Hello,
The JSP script that follows produces an error
when accessing with Internet Explorer:
<%@ page contentType="application/pdf" %>
<%@ page import="java.io.File" %>
<%@ page import="java.io.FileInputStream" %>
<%@ page import="java.io.InputStreamReader" %>
<%
InputStreamReader in = new
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
at java.lang.Thread.run(Thread.java:619)
But not if I use Firefox with Linux.
Luis Pascual Forner escribió:
Thanks, Bill,
I use the JIO connector.
That's my server.xml:
clas
t; sslProtocol="TLS"
truststoreFile="/XXX/trustcacerts" truststorePass="XXX"
truststoreType="JKS"/>
enableLookups="false" redirectPort="8443"
protocol="AJP/1.3" />
Hi,
I need autheticate ONLY with client certificate (i.e., I don't want
to check any user's database) . I did that follow:
1. I write a "X509Realm", with a method "authenticate" that
only check the validity of each certificate in the
certification's chain (don't check if the user e
Hello,
I'm trying to use CLIENT-CERT authentication with Tomcat. When I get
the attribute "javax.servlet.request.X509Certificate" the first time,
it returns the certificate. So far, so good. But if I access the same
JSP after that, or another JSP that get the same attribute, it returns
null. W
