Configure jboss to request digital customer certificate

Asked

Viewed 458 times

2

I am making a web application using jboss EAP 6.1.

As one of the requirements, the system must perform user authentication via digital certificate. For this I have properly configured jboss to run on https:// using the Sslv3 protocol, I created a server certificate and referenced the CA certificate and configured it verify-client="false".

Then in the web.xml of my application, configured to order the digital certificate of the client on /LoginByCert

<security-constraint>
    <web-resource-collection>
        <web-resource-name>secured</web-resource-name>
        <url-pattern>/LoginByCert</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
        <role-name>*</role-name>
    </auth-constraint>
    <user-data-constraint>
        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
</security-constraint>

<login-config>
    <auth-method>CLIENT-CERT</auth-method>
</login-config>

After that when accessing https://localhost:443/MyApp/LoginByCert, jboss throws the error:

Exception Getting SSL Attributes: java.net.Socketexception: Socket Closed

and the browser opens the client wallet to choose the certificate. Once the certificate has been chosen, jboss shows in the browser:

Status 401 - JBWEB000010: Cannot authenticate with the provided credentials

Could someone help me? Thank you for your time.

No answers

Browser other questions tagged

You are not signed in. Login or sign up in order to post.