[jboss-user] [Security & JAAS/JBoss] - CLIENT-CERT configuration

adamw do-not-reply at jboss.com
Tue Jul 18 15:53:39 EDT 2006

   I want to secure a servlet so that you can connect to it only if you have a certificate.
To do it, firstly I have setup tomcat to support https as in scenarion 3 here:
The only difference is that in server.xml, I left clientAuth="false", as I want the rest of the pages to be accessible in a normal way.

Later, I configured my web applicaton as it is described here:

The result I get is, when I don't have the certificate registered, it denies access, but when I have - I get an error message:
HTTP Status 401 - Cannot authenticate with the provided credentials

Did I miss something?


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3958941#3958941

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3958941

More information about the jboss-user mailing list