You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Dave <ja...@yahoo.com> on 2008/01/06 12:59:32 UTC

SSL client authentication

Hi, I need some help on SSL client authentication.
   
  If a user has digital certificate installed on his/her machine,  we like to authenticate the user using digital certificate, otherwise using username/password.
   
  When I set clientAuth="true" in server.xml,  open IE to the server URL (https),  IE popup a window asking for the client certificate even though there is no certificate found in client machine.
   
  1. how to ask client browser(IE) to ignore digital certificate if not found?
  2. on server, how to get the client certificate for verification?  java API?
   
  Thank for help.
  Dave

       
---------------------------------
Looking for last minute shopping deals?  Find them fast with Yahoo! Search.

Re: SSL client authentication

Posted by Filip Hanik - Dev Lists <de...@hanik.com>.

set clientAuth="want"
you still may have to do some mucking around in the realm code to be 
able to do both in a prioritized order

Filip

Dave wrote:
> Hi, I need some help on SSL client authentication.
>    
>   If a user has digital certificate installed on his/her machine,  we like to authenticate the user using digital certificate, otherwise using username/password.
>    
>   When I set clientAuth="true" in server.xml,  open IE to the server URL (https),  IE popup a window asking for the client certificate even though there is no certificate found in client machine.
>    
>   1. how to ask client browser(IE) to ignore digital certificate if not found?
>   2. on server, how to get the client certificate for verification?  java API?
>    
>   Thank for help.
>   Dave
>
>        
> ---------------------------------
> Looking for last minute shopping deals?  Find them fast with Yahoo! Search.
>   
> ------------------------------------------------------------------------
>
> No virus found in this incoming message.
> Checked by AVG Free Edition. 
> Version: 7.5.516 / Virus Database: 269.17.13/1211 - Release Date: 1/6/2008 11:57 AM
>   


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org