The term per the Oracle documentation is: Custom Authentication of client
Certificate in SSL Mutual Authentication, referenced at
http://download.oracle.com/docs/cd/E18930_01/html/821-2435/ggktf.html [1].
I am also referencing earlier howto instructions at
http://www.java.net/external?url=http://blogs.sun.com/nasradu8/entry/extend_certificaterealm_with_loginmodule_glassfish
[2]
And yes, that was a fat-finger typo, I did use jaas-context. I could send
you (or upload) all of my files, but everything I have done is exactly per
instructions from these two references. I have tried using a class that
implements LoginModule (which is where I declared a static block so I could
see if the class is being loaded, which it is not) and I have tried the
extend of AppservCertificateLoginModule given in the Oracle docs, and neither
class is being loaded.
So to re-interate, the default CertificateRealm of domain1 has been altered
by adding the "jaas-context" property with a value of "certRealm" and an
entry of
certRealm {
com.lmco.certificate.login.CertificateLoginModule required;
};
has been added to the login.conf file. When I try to debug, breakpoints on
CertificateLoginModule are never activated, and static class blocks are never
ran, which is why I believe there is something else that has not been "turned
on" to enable this to work as it should. Obviously something is happening,
as the CLIENT-CERT entry in my web.xml is causing the server to return an
HTTP 400, but as stated, there are no exceptions, and with logging.properties
containing javax.enterprise.system.core.security.level=FINEST I cannot see
anything happening other than the CertificateRealm successfully created
message from the RealmConfig.
[1]
http://download.oracle.com/docs/cd/E18930_01/html/821-2435/ggktf.html
[2]
http://www.java.net/external?url=http://blogs.sun.com/nasradu8/entry/extend_certificaterealm_with_loginmodule_glassfish
--
[Message sent by forum member 'geturnerlmco']
View Post: http://forums.java.net/node/808034