0 Replies Latest reply: Apr 17, 2012 8:27 PM by 909602 RSS

    Glassfish 3.1.2 configuration Client Certificate for Mutual Authentication

    909602
      Hi

      I need help configuring GlassFish 3.1.2 for client-certificate (mutual) authentication. I have made the following changes; please let me know if I am missing anything important, because it is not working after these changes.
      my id is nilesh2811@gmail.com

      I could not find any particular thread or answer on this in the forum; if there is a link, it would be helpful.
      If you have any document for this, please forward it.

      please do the needful

      App Web.xml
      <!-- Callers are authenticated by the X.509 certificate they present over TLS, not by a password. -->
      <login-config>
        <auth-method>CLIENT-CERT</auth-method>
      </login-config>
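      <!--
        Protects /faces/* for callers in the "authorized" role and requires TLS.
        No <http-method> elements are listed on purpose: a constraint that names
        methods applies only to those methods, so any verb left off the list
        would reach the resource without authentication. Omitting the list makes
        the constraint cover every HTTP method.
        NOTE(review): the resource is named "Entire Application" but only
        /faces/* is matched; confirm that no page is reachable through another
        servlet mapping or path that this pattern does not cover.
      -->
      <security-constraint>
        <web-resource-collection>
          <web-resource-name>Entire Application</web-resource-name>
          <url-pattern>/faces/*</url-pattern>
        </web-resource-collection>
        <auth-constraint>
          <description/>
          <role-name>authorized</role-name>
        </auth-constraint>
        <user-data-constraint>
          <!-- CONFIDENTIAL: requests must arrive over an encrypted transport. -->
          <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
      </security-constraint>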
      <!-- Declares the application role that the auth-constraint refers to by name. -->
      <security-role>
        <description/>
        <role-name>authorized</role-name>
      </security-role>
      sun-web.xml
      <!--
        Maps the application role "authorized" to a server principal and a server group.
        NOTE(review): with the certificate realm the caller principal is presumably the
        certificate subject DN, so a principal named "admin" would not match a
        certificate caller. The group mapping is the entry that lines up with the
        realm's assign-groups value. Verify against the server log.
      -->
      <security-role-mapping>
        <role-name>authorized</role-name>
        <principal-name>admin</principal-name>
        <group-name>authorized</group-name>
      </security-role-mapping>

      Domain.xml
      <security-service>
      <!-- File-based realm named "admin-realm"; its users are read from config/admin-keyfile under the instance root. -->
      <auth-realm name="admin-realm"
                  classname="com.sun.enterprise.security.auth.realm.file.FileRealm">
        <property name="file" value="${com.sun.aas.instanceRoot}/config/admin-keyfile"/>
        <property name="jaas-context" value="fileRealm"/>
      </auth-realm>
      <!-- File-based realm named "file"; its users are read from config/keyfile under the instance root. -->
      <auth-realm name="file"
                  classname="com.sun.enterprise.security.auth.realm.file.FileRealm">
        <property name="file" value="${com.sun.aas.instanceRoot}/config/keyfile"/>
        <property name="jaas-context" value="fileRealm"/>
      </auth-realm>
      <!--
        Certificate realm used for CLIENT-CERT logins.
        assign-groups places every caller authenticated by this realm in the group
        "authorized", so the authorization decision rests entirely on which issuers
        the server truststore accepts. Review the truststore (cacerts.jks in a default
        domain) and keep only the CA(s) that issue your client certificates. A stock
        truststore typically also trusts public CA roots.
      -->
      <auth-realm name="certificate"
                  classname="com.sun.enterprise.security.auth.realm.certificate.CertificateRealm">
        <property name="assign-groups" value="authorized"/>
      </auth-realm>