You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2012/03/08 18:52:52 UTC

DO NOT REPLY [Bug 52500] Improve client certificate authentication

https://issues.apache.org/bugzilla/show_bug.cgi?id=52500

Christopher Schultz <ch...@christopherschultz.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED

--- Comment #33 from Christopher Schultz <ch...@christopherschultz.net> 2012-03-08 17:52:52 UTC ---
Michael,

I've applied a simplified patch based upon yours. The differences are:

1. No 'X509UsernameRetrieverConfiguration' attribute. This can be handled with
a custom class instead of the more complicated proposed configuration.

2. X509SubjectDNRetriever trivially returns cert.getSubjectDN().getName(),
since the above change was made.

I will likely be adding a form of /your/ X509SubjectDNUsernameRetriever class
that is intended to be subclassed to provide the name of the SubjectDN
attribute you'd like to use.

Fixed in trunk in r1298476.
Fixed in 7.0.x in r1298479. Will be included in 7.0.27.
Proposed for 6.0.x.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org