Reputation: 1916
Database based ssl client authentication in Tomcat
I would like to know if it is possible to have a more dynamic way to handle with client certs than edit tomcat-users.xml ? and how to do it ?
A database way would be much better in order add new certs or revoke since now i have to restart the server everytime I need to add a new one in tomcat-users.xml.
best regards
Upvotes: 0
Views: 178
Answers (2)
Reputation: 8757
There are multiple ways to do the things dynamically. It depends on your project environment that, which way you want to use.
First is JRebel tool, which is used to change the config files without rebooting server. http://zeroturnaround.com/software/jrebel/
You can manually implement the listeners which will listen for the changes happen to particular file using dynamic class loading. http://tutorials.jenkov.com/java-reflection/dynamic-class-loading-reloading.html
There may be other ways also.! But I think from these you can achieve what you want.
Upvotes: 2
Reputation: 48236
You can use the JDBCRealm to get the user authorizations after authenticating him with his client cert.
See Can CLIENT-CERT auth-method be used with a JDBC realm within tomcat? for details.
Upvotes: 0
Related Questions
- Tomcat and SSL Client certificate
- Mutual authentication with Tomcat 7
- Tomcat Client Authentication using SSL
- Tomcat + SSL configuration + Client
- Client authentication in server Tomcat
- SSL HandShake - Client Authentication
- Server to Client SSL Encryption w/o SSL Authentication - Tomcat & Spring
- Tomcat 7 ssl client authenitcation
- Java Manual Client Certificate Authentication
- client/certificate authentication by server in tomcat