[jboss-user] [JBoss Web Services] - Re: @WS with CLIENT-CERT throws Invalid HTTP server response [401] - Unauthorized on client side

spyhunter99 do-not-reply at jboss.com
Thu Mar 15 19:21:59 EDT 2012


spyhunter99 [https://community.jboss.org/people/spyhunter99] created the discussion

"Re: @WS with CLIENT-CERT throws Invalid HTTP server response [401] - Unauthorized on client side"

To view the discussion, visit: https://community.jboss.org/message/724171#724171

--------------------------------------------------------------
can you verify the following?

from the service side, confirm that there is a certificate that can be used by the service and that the trust store contains the issuing certificate authority for the certificate used by the client
from the client side, confifrm  that there is a certificate that can be used by the client and that the trust store contains the issuing certificate authority for the certificate used by the service


from login-config.xml of jboss, what does UserCertPolicy look like? the @SecurityDomain ties the security context back to the login-config.xml, useful for http authentication but I'm not sure what effect it would have for you, because you are trying to do message level authentication, not transport. I'd suggest commenting that out and trying again

And what does this class look like? what does it do?
br.com.myapp.jaas.spi.SubjectMapper
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/724171#724171]

Start a new discussion in JBoss Web Services at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2044]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20120315/e7ab8073/attachment-0001.html 


More information about the jboss-user mailing list