You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Mark Thomas <ma...@apache.org> on 2007/09/24 06:14:32 UTC

Re: ??: could two tomcat servers have mutual authentication?

quanxin zhu wrote:
> Could you explain it in detail?

You have written the code to call a web service. You need to write
additional code to pass a certificate.

> where could I find the instruction to modify the code to implement this
> function?

Goggle woudl be a good place to start.

> I have another questions, when navigate a servlet using browser, the tomcat
> server could trasfer the certification to browser automatically,
> why cannot it transfer the certification to other tomcat servers for
> authentication?

Because in Tomcat to browser communciation Tomcat is acting as the
server and Tomcat includes code to pass the certificate to the client in
this case.

When you write a servlet that calls a web service, your servlet is
acting as a client and you have to hand code the SSL aspects in the same
way as every other aspect of the web service client.

Mark

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

答复: ??: could two tomcat servers have mutual authentication?

Posted by 罗时飞 <lu...@yuchengtech.com>.

Yes, you are right, this is what my book used. :-)

-----邮件原件-----
发件人: quanxin zhu [mailto:quanxinzhu@gmail.com] 
发送时间: 2007年9月25日 22:58
收件人: Tomcat Users List
主题: Re: ??: could two tomcat servers have mutual authentication?

Let me post the solution:

It is very easy to transfer client certificate to servers that required
client authentication using certificate,

just add the following two statements in my webservice client:

System.setProperty("javax.net.ssl.keyStore",keystore);
System.setProperty("javax.net.ssl.keyStorePassword",password);


2007/9/24, quanxin zhu <qu...@gmail.com>:
>
> ok, I know.
> Thx a lot!
>
>
> 2007/9/24, Mark Thomas <ma...@apache.org>:
> >
> > quanxin zhu wrote:
> > > Could you explain it in detail?
> >
> > You have written the code to call a web service. You need to write
> > additional code to pass a certificate.
> >
> > > where could I find the instruction to modify the code to implement
> > this
> > > function?
> >
> > Goggle woudl be a good place to start.
> >
> > > I have another questions, when navigate a servlet using browser, the
> > tomcat
> > > server could trasfer the certification to browser automatically,
> > > why cannot it transfer the certification to other tomcat servers for
> > > authentication?
> >
> > Because in Tomcat to browser communciation Tomcat is acting as the
> > server and Tomcat includes code to pass the certificate to the client in
> > this case.
> >
> > When you write a servlet that calls a web service, your servlet is
> > acting as a client and you have to hand code the SSL aspects in the same
> >
> > way as every other aspect of the web service client.
> >
> > Mark
> >
> >
> > ---------------------------------------------------------------------
> > To start a new topic, e-mail: users@tomcat.apache.org
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
>

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.



-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: ??: could two tomcat servers have mutual authentication?

Posted by quanxin zhu <qu...@gmail.com>.

Let me post the solution:

It is very easy to transfer client certificate to servers that required
client authentication using certificate,

just add the following two statements in my webservice client:

System.setProperty("javax.net.ssl.keyStore",keystore);
System.setProperty("javax.net.ssl.keyStorePassword",password);


2007/9/24, quanxin zhu <qu...@gmail.com>:
>
> ok, I know.
> Thx a lot!
>
>
> 2007/9/24, Mark Thomas <ma...@apache.org>:
> >
> > quanxin zhu wrote:
> > > Could you explain it in detail?
> >
> > You have written the code to call a web service. You need to write
> > additional code to pass a certificate.
> >
> > > where could I find the instruction to modify the code to implement
> > this
> > > function?
> >
> > Goggle woudl be a good place to start.
> >
> > > I have another questions, when navigate a servlet using browser, the
> > tomcat
> > > server could trasfer the certification to browser automatically,
> > > why cannot it transfer the certification to other tomcat servers for
> > > authentication?
> >
> > Because in Tomcat to browser communciation Tomcat is acting as the
> > server and Tomcat includes code to pass the certificate to the client in
> > this case.
> >
> > When you write a servlet that calls a web service, your servlet is
> > acting as a client and you have to hand code the SSL aspects in the same
> >
> > way as every other aspect of the web service client.
> >
> > Mark
> >
> >
> > ---------------------------------------------------------------------
> > To start a new topic, e-mail: users@tomcat.apache.org
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
>

Re: ??: could two tomcat servers have mutual authentication?

Posted by quanxin zhu <qu...@gmail.com>.

ok, I know.
Thx a lot!


2007/9/24, Mark Thomas <ma...@apache.org>:
>
> quanxin zhu wrote:
> > Could you explain it in detail?
>
> You have written the code to call a web service. You need to write
> additional code to pass a certificate.
>
> > where could I find the instruction to modify the code to implement this
> > function?
>
> Goggle woudl be a good place to start.
>
> > I have another questions, when navigate a servlet using browser, the
> tomcat
> > server could trasfer the certification to browser automatically,
> > why cannot it transfer the certification to other tomcat servers for
> > authentication?
>
> Because in Tomcat to browser communciation Tomcat is acting as the
> server and Tomcat includes code to pass the certificate to the client in
> this case.
>
> When you write a servlet that calls a web service, your servlet is
> acting as a client and you have to hand code the SSL aspects in the same
> way as every other aspect of the web service client.
>
> Mark
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>