[jboss-user] [Security & JAAS/JBoss] - CLIENT-CERT configuration
adamw
do-not-reply at jboss.com
Tue Jul 18 15:53:39 EDT 2006
Hello,
I want to secure a servlet so that you can connect to it only if you have a certificate.
To do it, firstly I have setup tomcat to support https as in scenarion 3 here:
http://wiki.jboss.org/wiki/Wiki.jsp?page=SSLSetup
The only difference is that in server.xml, I left clientAuth="false", as I want the rest of the pages to be accessible in a normal way.
Later, I configured my web applicaton as it is described here:
http://docs.jboss.org/jbossas/jboss4guide/r5/html/ch8.chapter.html#d0e19521
The result I get is, when I don't have the certificate registered, it denies access, but when I have - I get an error message:
HTTP Status 401 - Cannot authenticate with the provided credentials
Did I miss something?
--
Cheers,
Adam
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3958941#3958941
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3958941
More information about the jboss-user
mailing list