You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by "Riley,R" <R....@lse.ac.uk> on 2001/04/23 16:15:31 UTC

newbie: how to make /admin use client cert

I've been trying to make the /admin webapp supplied with tomcat use my
client cert.

I've imported my certificate into the tomcat server host's  .keystore using
-keytool and specifying -trustcacerts.

I'm not sure what to put in the web.xml and whether or not I have to put an
entry into tomcat-users.xml (I haven't been able to find a tomcat-users.dtd)

At present I've got the following in the webapps/admin/web-inf/web.xml:

<security-constraint>
...
      <auth-constraint>
         <role-name>admin</role-name>
      </auth-constraint>
 </security-constraint>

    <login-config>
      <auth-method>CLIENT-CERT</auth-method>
    </login-config>
..

and I've added   <user name="mycert_alias" password="cert_store_pwd"
roles="admin" /> to tomcat-users.xml.

When a browser requests the contextAdmin.jsp tomcat returns Error: 401
Location: /admin/contextAdmin/contextAdmin.jsp  null

Any help or enlightenment much appreciated.

Thanks

Ron