You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by secam secam <se...@yahoo.fr> on 2004/02/23 11:00:07 UTC
tomcat certificate
hello,
I'm a new user of tomcat.
Can tomcat authenticate a user with a certifcate ?
Thanks,
Secam
---------------------------------
Yahoo! Mail : votre e-mail personnel et gratuit qui vous suit partout !
Créez votre Yahoo! Mail
RE: tomcat certificate
Posted by Mark Thomas <ma...@apache.org>.
This is not correct. Tomcat does support CLIENT-CERT authentication
'out-of-the-box'. When combined with appropriate authorisation constraints in
web.xml you can limit access to specific URLs.
I have this working quite happily.
Mark
> -----Original Message-----
> From: Rommel Sharma [mailto:rommels@mahindrabt.com]
> Sent: Monday, February 23, 2004 11:28 AM
> To: Tomcat Users List
> Subject: Re: tomcat certificate
>
> Tomcat as such on its own does not parse and validate a certificate.
> I don't think its possible. You can identify a client through the
> certificate alias the client uses.
> Access to specific URLs depends on the server certificate
> where you specify
> the URL and send the client your public key.
> I think there is no automatic mechanism in Tomcat that studies the
> certificate and allows access to specific URLs. This needs to
> be implemented
> by any our deployed programs.
>
> ----- Original Message -----
> From: "secam secam" <se...@yahoo.fr>
> To: "Tomcat Users List" <to...@jakarta.apache.org>
> Sent: Monday, February 23, 2004 4:17 PM
> Subject: Re: tomcat certificate
>
> > Thanks,
> >
> > Here is my real problem,
> >
> > I've got an external server that authentificate user and deliver a
> certicate with the trio User/Group/Role.
> >
> > In fact, i just want that the certificate give information
> of the user to
> tomcat in order to permit the access to some specifics url.
> >
> > Is it possible?
> >
> > Regard's
> >
> > Secam
> >
> > Rommel Sharma <ro...@mahindrabt.com> wrote:
> > If you mean two way authentication using SSL, then you have
> to write the
> > code that reads clients certificate and matches it with one
> present in
> > client keystore on the server. You enable client authentication in
> > server.xml for this and specify the serverkeystore and
> password in it.
> > Regards,
> > Rommel Sharma.
> >
> > ----- Original Message -----
> > From: "secam secam"
> > To:
> > Sent: Monday, February 23, 2004 3:30 PM
> > Subject: tomcat certificate
> >
> > > hello,
> > >
> > > I'm a new user of tomcat.
> > > Can tomcat authenticate a user with a certifcate ?
> > >
> > > Thanks,
> > > Secam
> > >
> > >
> > > ---------------------------------
> > > Yahoo! Mail : votre e-mail personnel et gratuit qui vous
> suit partout !
> > > Créez votre Yahoo! Mail
> >
> > *********************************************************
> > Disclaimer
> >
> > This message (including any attachments) contains
> > confidential information intended for a specific
> > individual and purpose, and is protected by law.
> > If you are not the intended recipient, you should
> > delete this message and are hereby notified that
> > any disclosure, copying, or distribution of this
> > message, or the taking of any action based on it,
> > is strictly prohibited.
> >
> > *********************************************************
> > Visit us at http://www.mahindrabt.com
> >
> >
> >
> >
> >
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >
> >
> > ---------------------------------
> > Yahoo! Mail : votre e-mail personnel et gratuit qui vous
> suit partout !
> > Créez votre Yahoo! Mail
>
> *********************************************************
> Disclaimer
>
> This message (including any attachments) contains
> confidential information intended for a specific
> individual and purpose, and is protected by law.
> If you are not the intended recipient, you should
> delete this message and are hereby notified that
> any disclosure, copying, or distribution of this
> message, or the taking of any action based on it,
> is strictly prohibited.
>
> *********************************************************
> Visit us at http://www.mahindrabt.com
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: tomcat certificate
Posted by Rommel Sharma <ro...@mahindrabt.com>.
Tomcat as such on its own does not parse and validate a certificate.
I don't think its possible. You can identify a client through the
certificate alias the client uses.
Access to specific URLs depends on the server certificate where you specify
the URL and send the client your public key.
I think there is no automatic mechanism in Tomcat that studies the
certificate and allows access to specific URLs. This needs to be implemented
by any our deployed programs.
----- Original Message -----
From: "secam secam" <se...@yahoo.fr>
To: "Tomcat Users List" <to...@jakarta.apache.org>
Sent: Monday, February 23, 2004 4:17 PM
Subject: Re: tomcat certificate
> Thanks,
>
> Here is my real problem,
>
> I've got an external server that authentificate user and deliver a
certicate with the trio User/Group/Role.
>
> In fact, i just want that the certificate give information of the user to
tomcat in order to permit the access to some specifics url.
>
> Is it possible?
>
> Regard's
>
> Secam
>
> Rommel Sharma <ro...@mahindrabt.com> wrote:
> If you mean two way authentication using SSL, then you have to write the
> code that reads clients certificate and matches it with one present in
> client keystore on the server. You enable client authentication in
> server.xml for this and specify the serverkeystore and password in it.
> Regards,
> Rommel Sharma.
>
> ----- Original Message -----
> From: "secam secam"
> To:
> Sent: Monday, February 23, 2004 3:30 PM
> Subject: tomcat certificate
>
> > hello,
> >
> > I'm a new user of tomcat.
> > Can tomcat authenticate a user with a certifcate ?
> >
> > Thanks,
> > Secam
> >
> >
> > ---------------------------------
> > Yahoo! Mail : votre e-mail personnel et gratuit qui vous suit partout !
> > Créez votre Yahoo! Mail
>
> *********************************************************
> Disclaimer
>
> This message (including any attachments) contains
> confidential information intended for a specific
> individual and purpose, and is protected by law.
> If you are not the intended recipient, you should
> delete this message and are hereby notified that
> any disclosure, copying, or distribution of this
> message, or the taking of any action based on it,
> is strictly prohibited.
>
> *********************************************************
> Visit us at http://www.mahindrabt.com
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
> ---------------------------------
> Yahoo! Mail : votre e-mail personnel et gratuit qui vous suit partout !
> Créez votre Yahoo! Mail
*********************************************************
Disclaimer
This message (including any attachments) contains
confidential information intended for a specific
individual and purpose, and is protected by law.
If you are not the intended recipient, you should
delete this message and are hereby notified that
any disclosure, copying, or distribution of this
message, or the taking of any action based on it,
is strictly prohibited.
*********************************************************
Visit us at http://www.mahindrabt.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: tomcat certificate
Posted by secam secam <se...@yahoo.fr>.
Thanks,
Here is my real problem,
I've got an external server that authentificate user and deliver a certicate with the trio User/Group/Role.
In fact, i just want that the certificate give information of the user to tomcat in order to permit the access to some specifics url.
Is it possible?
Regard's
Secam
Rommel Sharma <ro...@mahindrabt.com> wrote:
If you mean two way authentication using SSL, then you have to write the
code that reads clients certificate and matches it with one present in
client keystore on the server. You enable client authentication in
server.xml for this and specify the serverkeystore and password in it.
Regards,
Rommel Sharma.
----- Original Message -----
From: "secam secam"
To:
Sent: Monday, February 23, 2004 3:30 PM
Subject: tomcat certificate
> hello,
>
> I'm a new user of tomcat.
> Can tomcat authenticate a user with a certifcate ?
>
> Thanks,
> Secam
>
>
> ---------------------------------
> Yahoo! Mail : votre e-mail personnel et gratuit qui vous suit partout !
> Créez votre Yahoo! Mail
*********************************************************
Disclaimer
This message (including any attachments) contains
confidential information intended for a specific
individual and purpose, and is protected by law.
If you are not the intended recipient, you should
delete this message and are hereby notified that
any disclosure, copying, or distribution of this
message, or the taking of any action based on it,
is strictly prohibited.
*********************************************************
Visit us at http://www.mahindrabt.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
---------------------------------
Yahoo! Mail : votre e-mail personnel et gratuit qui vous suit partout !
Créez votre Yahoo! Mail
Re: tomcat certificate
Posted by Rommel Sharma <ro...@mahindrabt.com>.
If you mean two way authentication using SSL, then you have to write the
code that reads clients certificate and matches it with one present in
client keystore on the server. You enable client authentication in
server.xml for this and specify the serverkeystore and password in it.
Regards,
Rommel Sharma.
----- Original Message -----
From: "secam secam" <se...@yahoo.fr>
To: <to...@jakarta.apache.org>
Sent: Monday, February 23, 2004 3:30 PM
Subject: tomcat certificate
> hello,
>
> I'm a new user of tomcat.
> Can tomcat authenticate a user with a certifcate ?
>
> Thanks,
> Secam
>
>
> ---------------------------------
> Yahoo! Mail : votre e-mail personnel et gratuit qui vous suit partout !
> Créez votre Yahoo! Mail
*********************************************************
Disclaimer
This message (including any attachments) contains
confidential information intended for a specific
individual and purpose, and is protected by law.
If you are not the intended recipient, you should
delete this message and are hereby notified that
any disclosure, copying, or distribution of this
message, or the taking of any action based on it,
is strictly prohibited.
*********************************************************
Visit us at http://www.mahindrabt.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org