Posted to dev@tomcat.apache.org by bu...@apache.org on 2004/06/16 22:16:55 UTC

DO NOT REPLY [Bug 29622] - HttpServletRequest.getAuthType() always returns null

http://issues.apache.org/bugzilla/show_bug.cgi?id=29622

HttpServletRequest.getAuthType() always returns null

jan.luehe@sun.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID



------- Additional Comments From jan.luehe@sun.com  2004-06-16 20:16 -------
getAuth() returns CLIENT-CERT for me.

org.apache.catalina.authenticator.SSLAuthenticator.authenticate() has this code
before it returns:

        // Authenticate the specified certificate chain
        principal = context.getRealm().authenticate(certs);
        if (principal == null) {
            if (debug >= 1)
                log("  Realm.authenticate() returned false");
            hres.sendError(HttpServletResponse.SC_UNAUTHORIZED,
                           sm.getString("authenticator.unauthorized"));
            return (false);
        }

        // Cache the principal (if requested) and record this authentication
        register(request, response, principal, Constants.CERT_METHOD,
                 null, null); 

register() sets the auth method (Constants.CERT_METHOD) on the request. Seems
that you're returning before register() is being called, i.e., the subject DN in
your client's cert fails to be authenticated against the realm. In case you're
using the memory realm, did you add a <user> element with a username matching
the subject DN of your client cert to your tomcat-users.xml?
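
Added example (not part of the original message or of Tomcat's code): a small check of whether a client certificate's subject DN appears as a <user> username in tomcat-users.xml. It assumes the realm looks the user up by exact string equality with the DN, so differences in case or spacing count as a failure; the sample file, DNs, role name and function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample tomcat-users.xml; the DNs and the role name are invented.
SAMPLE_USERS_XML = """<tomcat-users>
  <role rolename="certusers"/>
  <user username="CN=Alice Example, OU=Dev, O=Example Corp, C=US"
        password="null" roles="certusers"/>
  <user username="cn=bob example,ou=dev,o=example corp,c=us"
        password="null" roles="certusers"/>
</tomcat-users>"""


def normalise(dn):
    """Lower-case a DN and trim spaces around each RDN.

    Used only to produce near-miss hints; it does not handle escaped commas.
    """
    return ",".join(part.strip().lower() for part in dn.split(","))


def check_subject_dn(users_xml, subject_dn):
    """Return ('match', name), ('near-miss', name) or ('missing', None).

    Assumption: the realm matches the username to the subject DN by exact
    string equality, so only 'match' means authentication would succeed
    and getAuthType() would be set.
    """
    root = ET.fromstring(users_xml)
    near = None
    for user in root.iter("user"):
        name = user.get("username")
        if name is None:
            continue
        if name == subject_dn:
            return ("match", name)
        if near is None and normalise(name) == normalise(subject_dn):
            near = name  # same DN apart from case/spacing: likely misconfiguration
    return ("near-miss", near) if near else ("missing", None)


if __name__ == "__main__":
    for dn in ("CN=Alice Example, OU=Dev, O=Example Corp, C=US",
               "CN=Bob Example, OU=Dev, O=Example Corp, C=US",
               "CN=Carol Example, OU=Dev, O=Example Corp, C=US"):
        print(dn, "->", check_subject_dn(SAMPLE_USERS_XML, dn))
```

A "near-miss" result points at a username that differs from the certificate's subject DN only in case or spacing, which is worth fixing in the file before looking elsewhere.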
