SSL with client certificates + use in application

[Paul Puschmann <ln...@uzulabs.net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,
we'd like use use ssl client certificates (stored on smartcards) to
secure the access to one of our servers.

Right now I use an Apache2 with mod_jk, so my apache2 is the ssl
endpoint. That's not so bad, but I am searching for a way to integrate
the user-id served by the client-certificate in our application.

An example: The user logs in with his smartcard, using his pin when
establishing the ssl-connection, and then gets to our jsp-pages
(application). Here he shouldn't get another login screen. instead the
ssl-credentials should be used.

Perhaps someone here uses something like this and give me some hints.

The Apache2 with mod_jk is optional, we could also use the Tomcat 5.5
directly with ssl if this is the only way.

Kind regards,

Paul


- --
Linux-User #271918 with the Linux Counter, http://counter.li.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (MingW32)

iEYEARECAAYFAkJ19I8ACgkQqErKtBWD7VTd1gCg289PJ4CfE5e1M7ZSWTuNo8ER
pfoAnjbRCWb1afIoEh2DZhJYx1QTtCOX
=HzIQ
-----END PGP SIGNATURE-----


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org