You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Jerry Lampi <ja...@sdsusa.com> on 2015/12/17 22:32:43 UTC
Can server.xml Connector values be read from a servlet at runtime?
Specifically, I need to know if the value of clientAuth in the Connector
for port 443 is set to true.
Here is my connector:
<Connector
port="443"
clientAuth="true"
scheme="https"
secure="true"
SSLEnabled="true"
maxThreads="200"
protocol="org.apache.coyote.http11.Http11NioProtocol"
useSendfile="false"
.
.
.
/>
So at runtime, can I read the value of clientAuth?
I tried:
String clientAuth = System.getProperty("clientAuth");
and
String clientAuthEnv = System.getenv("clientAuth");
They are both null. I expected that they would be null, but I just want
you to know I tried something.
I'm sure I could read the server.xml file in a servlet as a basic file,
but if it were changed after Tomcat started up, its contents would not
represent what Tomcat was configured with when it was started.
Thanks,
Jerry
---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 151217-1, 12/17/2015
Tested on: 12/17/2015 3:32:44 PM
avast! - copyright (c) 1988-2015 AVAST Software.
https://www.avast.com/antivirus
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Can server.xml Connector values be read from a servlet at
runtime?
Posted by Jerry Lampi <ja...@sdsusa.com>.
The plan is to bypass the sign on page when tomcat is configured to use
client authentication.
So if my sign on servlet gets invoked, AND clientAuth=true, I won't
display the sign on page, but take another path. I'll have more work to
do to actually log the user in, but it'll be by using the certificate
used in the TLS/SSL connection through RACF on a z/OS mainframe running
Tomcat under USS (Unix System Services).
This is a one-off configuration for a client demanding smart card ONLY
log in. All other installations of the product use a normal log in page
for sign on; not a smart card.
I'm no Tomcat expert, so if there is another way to determine if
clientAuth=true, that would work, too.
Jerry
On 12/17/2015 3:42 PM, Mark Thomas wrote:
> On 17/12/2015 21:32, Jerry Lampi wrote:
>> Specifically, I need to know if the value of clientAuth in the Connector
>> for port 443 is set to true.
>>
>> Here is my connector:
>> <Connector
>> port="443"
>> clientAuth="true"
>> scheme="https"
>> secure="true"
>> SSLEnabled="true"
>> maxThreads="200"
>> protocol="org.apache.coyote.http11.Http11NioProtocol"
>> useSendfile="false"
>> .
>> .
>> .
>> />
>>
>> So at runtime, can I read the value of clientAuth?
> Yes, if you go via JMX.
>
> Why do you want to do this?
>
> Mark
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
>
> ---
> avast! Antivirus: Inbound message clean.
> Virus Database (VPS): 151217-1, 12/17/2015
> Tested on: 12/17/2015 3:43:08 PM
> avast! - copyright (c) 1988-2015 AVAST Software.
> https://www.avast.com/antivirus
>
>
>
---
avast! Antivirus: Outbound message clean.
Virus Database (VPS): 151217-1, 12/17/2015
Tested on: 12/17/2015 4:50:31 PM
avast! - copyright (c) 1988-2015 AVAST Software.
https://www.avast.com/antivirus
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Can server.xml Connector values be read from a servlet at
runtime?
Posted by Mark Thomas <ma...@apache.org>.
On 17/12/2015 21:32, Jerry Lampi wrote:
> Specifically, I need to know if the value of clientAuth in the Connector
> for port 443 is set to true.
>
> Here is my connector:
> <Connector
> port="443"
> clientAuth="true"
> scheme="https"
> secure="true"
> SSLEnabled="true"
> maxThreads="200"
> protocol="org.apache.coyote.http11.Http11NioProtocol"
> useSendfile="false"
> .
> .
> .
> />
>
> So at runtime, can I read the value of clientAuth?
Yes, if you go via JMX.
Why do you want to do this?
Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org