users@glassfish.java.net

Re: Client Cert Based Authentication - from tomcat JDBCRealm to Glassfish

From: <glassfish_at_javadesktop.org>
Date: Mon, 18 Aug 2008 07:56:56 PDT

> Hi,
>
> We are migrating from tomcat to GF2.
>
> Current Env: Apache & Tomcat 5.5
> Client authentication cert is passed as
> X509Certificate by Apache to Tomcat.
> In tomcat we use org.apache.catalina.realm.JDBCRealm
> to obtain both user information and "user to role"
> mapping information from database.
>
> Can anyone point me to document or reference how this
> can be achieved in GF.
>
> Thanks,
> NT
>
> Message was edited by: ntonne

I have a question related to yours. You seem to have the kind of system I need to set up.

I am using Tomcat 5 and currently use FORM and the JDBCRealm for client authentication. I am in the process of moving to CLIENT-CERT. The documentation I have read says that the SubjectDN is used for the authentication and must be placed in the table and column:

      userTable="users" userNameCol="username"

Question 1 : Does the userCredCol need to be populated?

Question 2 : The certificate SubjectDN filed contains special characters. Are these needed in the userNameCol as well? I guess the real question is "what is the format requirement on the authentication fields in the userTable?". How do I insert the values into my Oracle Database?

Thanks,
 Jeff M
[Message sent by forum member 'jrmyint' (jrmyint)]

http://forums.java.net/jive/thread.jspa?messageID=293940