i'm developing a web application using Jboss 6.1.
One of the sistem requirements, is that the user should be authenticate throught a digital certificate. With that in mind, i've set my jboss to use
https:// with SSL3 protocol, created a server certificate with a reference to a CA certificate and set the property
After that, i've changed my
web.xml to request the client's certificate on
<security-constraint> <web-resource-collection> <web-resource-name>secured</web-resource-name> <url-pattern>/LoginByCert</url-pattern> <http-method>GET</http-method> <http-method>POST</http-method> </web-resource-collection> <auth-constraint> <role-name>*</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>CLIENT-CERT</auth-method> </login-config>
But when i acess
https://localhost:443/MyApp/LoginByCert my jboss is throwing an Exception
Exception getting SSL attributes: java.net.SocketException: Socket Closed
and the client's web browser ask´s for it´s certificates. Once the client chooses a certficate, displays the error message
Status 401 - JBWEB000010: Cannot authenticate with the provided credentials
Can someone help me? thank you for your time.