3 Replies Latest reply on Jun 26, 2002 6:31 PM by Pierre Colot

    Client authenticated SSL with Apache and embedded Tomcat

    Max Johnson Newbie

      I have configured Apache/mod_ssl to request client certificates for authentication. Using mod_jk, ajp13 workers and vanilla Tomcat 3.2.3 I can extract the client cert details from a servlet or JSP. (e.g. Calling request.getAttribute("javax.servlet.request.X509Certificate") returns the client's cert details as I expect).

      However, if I change to Tomcat embedded into JBoss it stops working. The informations does not appear to be passed through. I have declared the AJP13 connection handler in server.xml and pages are served just fine. However, calling request.getAttribute("javax.servlet.request.X509Certificate") returns null when it shouldn't!

      Any pointers as to what's going wrong would be very much appreciated.

      Regards
      Max