My setup is:
OS = Centos 7.4
I am new to tomcat. I am experiencing different behavior when installing tomcat as a docker container and when it is a normal install. I would like to use certificate for authentication, but there is an issue when using clientAuth=want that I cannot understand.
If I use tomcat in a docker container and I set clientAuth=want, then I am prompted for a certificate.
If I use a regular installation of tomcat and I set clientAuth=want, then I am not prompted for a certificate.
My question is, why I do not get the certificate prompt when regular install is used? Am I missing something?
I'm not a big fan of client-side web authorization. If the client machine gets stolen, then the thief gets the keys to your account as a free bonus. If the client machine gets broken, any replacement machine isn't going to come with the required client cert.
Still, there's a use for almost everything.
And there's absolutely no reason I can think of why Tomcat's security system should be caring whether Tomcat is containerized or not. Certainly it never made a difference for me.
About the best guess I can make is that you might be losing any changes made to your Tomcat container if you do a cold restart of the container. Since unless you create and save and then start a new image, a cold start loses all changes made from the last container run.
An IDE is no substitute for an Intelligent Developer.
posted 5 months ago
I would like for the user to get prompted to select a certificate whenever the user browse to the tomcat server (see attachment).
Can you please let me know what I need to to do in tomcat to make that possible? I thought that this only requires the clientAuth setting to be set to "want" and server usage of https.
Screaming fools! It's nothing more than a tiny ad: