users@glassfish.java.net

Client certificate authentication problem (still not solved?)

From: <glassfish_at_javadesktop.org>
Date: Wed, 09 Jul 2008 00:12:43 PDT

I got the same issue as in the thread "Client certificate authentication problem (glassfish v2 build 17)" (http://forums.java.net/jive/message.jspa?messageID=154153).

Versions: SJSAS 9.1_02 (build b04-fcs), JDK 1.6_06, Firefox 2.0.0.15

Even with Kumar's example war file (http://weblogs.java.net/blog/kumarjayanti/archive/SSLMutualAuth.war), set up exactly as in his blog (http://weblogs.java.net/blog/kumarjayanti/archive/2007/11/ssl_and_crl_che.html), I still had the same problem:

JACC Policy Provider: PolicyWrapper.implies, context(SSLMutualAuth/SSLMutualAuth)- permission((javax.security.jacc.WebUserDataPermission /secure/Hello.html GET)) domain that failed(ProtectionDomain (file:/SSLMutualAuth/SSLMutualAuth <no signer certificates>)
 null
 <no principals>
 java.security.Permissions@1ef577d (
 (javax.security.auth.PrivateCredentialPermission javax.resource.spi.security.PasswordCredential * "*" read)
 (javax.management.MBeanTrustPermission register)
 (java.util.PropertyPermission line.separator read)
 (java.util.PropertyPermission java.vm.version read)
 (java.util.PropertyPermission java.vm.specification.version read)
 (java.util.PropertyPermission java.vm.specification.vendor read)
 (java.util.PropertyPermission java.vendor.url read)
 (java.util.PropertyPermission java.vm.name read)
 (java.util.PropertyPermission * read,write)
 (java.util.PropertyPermission os.name read)
 (java.util.PropertyPermission java.vm.vendor read)
 (java.util.PropertyPermission path.separator read)
 (java.util.PropertyPermission java.specification.name read)
 (java.util.PropertyPermission os.version read)
 (java.util.PropertyPermission os.arch read)
 (java.util.PropertyPermission java.class.version read)
 (java.util.PropertyPermission java.version read)
 (java.util.PropertyPermission file.separator read)
 (java.util.PropertyPermission java.vendor read)
 (java.util.PropertyPermission java.vm.specification.name read)
 (java.util.PropertyPermission java.specification.version read)
 (java.util.PropertyPermission java.specification.vendor read)
 (java.lang.RuntimePermission getClassLoader)
 (java.lang.RuntimePermission loadLibrary.*)
 (java.lang.RuntimePermission accessDeclaredMembers)
 (java.lang.RuntimePermission getProtectionDomain)
 (java.lang.RuntimePermission modifyThreadGroup)
 (java.lang.RuntimePermission stopThread)
 (java.lang.RuntimePermission setContextClassLoader)
 (java.lang.RuntimePermission queuePrintJob)
 (java.net.SocketPermission localhost:1024- listen,resolve)
 (java.net.SocketPermission * connect,resolve)
 (java.io.FilePermission C:\DOCUME~1\xx\LOCALS~1\Temp\\- delete)
 (java.io.FilePermission C:/D/Dev/AppServer/glassfish-v2ur2/domains/domain1\lib\databases\- delete)
 (java.io.FilePermission <<ALL FILES>> read,write)
 (javax.management.MBeanPermission [com.sun.messaging.jms.*:*] *)
 (unresolved javax.security.jacc.WebUserDataPermission /:/secure/* null)
 (unresolved javax.security.jacc.WebUserDataPermission /secure/* !DELETE,GET,HEAD,OPTIONS,POST,PUT,TRACE)
 (unresolved javax.security.jacc.WebUserDataPermission /secure/* DELETE,GET,HEAD,OPTIONS,POST,PUT,TRACE:CONFIDENTIAL)
 (unresolved com.sun.corba.ee.impl.presentation.rmi.DynamicAccessPermission access null)
 (unresolved javax.security.jacc.WebResourcePermission /:/secure/* null)
 (unresolved javax.security.jacc.WebResourcePermission /secure/* !DELETE,GET,HEAD,OPTIONS,POST,PUT,TRACE)
 (unresolved com.sun.enterprise.security.CORBAObjectPermission * *)
)

After I clicked the link, I was redirected to SSL and asked to validate the certificate (I just used the system default cacerts.jks); then the screen was blank (the content of Hello.html didn't appear).

Is there something else that has to be set, or is it still a bug in this version of GlassFish?
[Message sent by forum member 'marshalking' (marshalking)]

http://forums.java.net/jive/thread.jspa?messageID=285285