Client Side Authentication with Certificates: applet with client authentication

I want to implement "Client Side Authentication with Certificates" over https with tomcat5, jdk14.

I use OpenSSL to set up the CA and server certificates.

All certification passes fine and the application works with the clientAuth="false" setting in Tomcat with this configuration:

==================================================================

<Connector className="org.apache.coyote.tomcat5.CoyoteConnector"
    port="8443" minProcessors="5" maxProcessors="75"
    enableLookups="true"
    acceptCount="100" debug="1" scheme="https" secure="true"
    useURIValidationHack="false" disableUploadTimeout="true"
    compression="on">
  <Factory className="org.apache.coyote.tomcat5.CoyoteServerSocketFactory"
      clientAuth="true" protocol="TLS" keystorePass="changeit"
      keystoreFile="C:/Documents and Settings/Administrator/server.ks"/>
</Connector>

====================================================================

When I set clientAuth="true", no standalone applet or any from a signed jar is starting.

Any other JSP, HTML, JS or servlet still works fine.

I also modified java.policy and java.security to grant all security permissions.

I would like to mention that the exception is raised with any applet, no matter if it is an empty applet or one with code like:

Security.addProvider(new com.sun.net.ssl.internal.ssl.Provider());

System.setProperty("java.protocol.handler.pkgs","com.sun.net.ssl.internal.www.protocol");

I get only this error when the applet should init, no matter what the settings are:

Nov 26, 2003 6:55:38 PM sun.plugin.usability.PluginLogger log
INFO: Loaded certificates from JPI session certificate store
java.net.SocketException: Software caused connection abort: socket write error
    at java.net.SocketOutputStream.socketWrite0(Native Method)
    at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92)
    at java.net.SocketOutputStream.write(SocketOutputStream.java:136)
    at com.sun.net.ssl.internal.ssl.OutputRecord.a(DashoA6275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
    at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275)
    at com.sun.net.ssl.internal.ssl.SunJSSE_az.j(DashoA6275)
    at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)
    at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA6275)
    at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA6275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA6275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA6275)
    at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA6275)
    at sun.net.www.protocol.https.HttpsClient.afterConnect(DashoA6275)
    at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.setNewClient(DashoA6275)
    at sun.net.www.protocol.https.PluginDelegateHttpsURLConnection.superConnect(PluginDelegateHttpsURLConnection.java:292)
    at sun.net.www.protocol.https.PluginDelegateHttpsURLConnection.access$000(PluginDelegateHttpsURLConnection.java:42)
    at sun.net.www.protocol.https.PluginDelegateHttpsURLConnection$1.run(PluginDelegateHttpsURLConnection.java:112)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.net.www.protocol.https.PluginDelegateHttpsURLConnection.connect(PluginDelegateHttpsURLConnection.java:107)
    at sun.net.www.protocol.https.PluginDelegateHttpsURLConnection.getInputStream(PluginDelegateHttpsURLConnection.java:306)
    at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(DashoA6275)
    at sun.plugin.net.protocol.http.HttpUtils.followRedirects(HttpUtils.java:39)
    at sun.plugin.cache.CachedJarLoader.isUpToDate(CachedJarLoader.java:251)
    at sun.plugin.cache.CachedJarLoader.loadFromCache(CachedJarLoader.java:153)
    at sun.plugin.cache.CachedJarLoader.load(CachedJarLoader.java:124)
    at sun.plugin.cache.JarCache.get(JarCache.java:172)
    at sun.plugin.net.protocol.jar.CachedJarURLConnection.connect(CachedJarURLConnection.java:93)
    at sun.plugin.net.protocol.jar.CachedJarURLConnection.getJarFile(CachedJarURLConnection.java:78)
    at sun.misc.URLClassPath$JarLoader.getJarFile(URLClassPath.java:580)
    at sun.misc.URLClassPath$JarLoader.<init>(URLClassPath.java:541)
    at sun.misc.URLClassPath$3.run(URLClassPath.java:319)
    at java.security.AccessController.doPrivileged(Native Method)
    at sun.misc.URLClassPath.getLoader(URLClassPath.java:308)
    at sun.misc.URLClassPath.getLoader(URLClassPath.java:285)
    at sun.misc.URLClassPath.getResource(URLClassPath.java:155)
    at java.net.URLClassLoader$1.run(URLClassLoader.java:190)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.net.URLClassLoader.findClass(URLClassLoader.java:186)
    at sun.applet.AppletClassLoader.findClass(AppletClassLoader.java:134)
    at sun.plugin.security.PluginClassLoader.findClass(PluginClassLoader.java:168)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:299)
    at sun.applet.AppletClassLoader.loadClass(AppletClassLoader.java:114)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:255)
    at sun.applet.AppletClassLoader.loadCode(AppletClassLoader.java:501)
    at sun.applet.AppletPanel.createApplet(AppletPanel.java:566)
    at sun.plugin.AppletViewer.createApplet(AppletViewer.java:1775)
    at sun.applet.AppletPanel.runLoader(AppletPanel.java:495)
    at sun.applet.AppletPanel.run(AppletPanel.java:292)
    at java.lang.Thread.run(Thread.java:536)
WARNING: error reading https://p01:8443/cert/utente.jar from cache.
Nov 26, 2003 6:55:42 PM sun.plugin.usability.PluginLogger log
INFO: WARNING: error reading https://p01:8443/cert/utente.jar from cache.
Downloading https://p01:8443/cert/utente.jar to cache
Nov 26, 2003 6:55:42 PM sun.plugin.usability.PluginLogger log
INFO: Downloading https://p01:8443/cert/utente.jar to cache
Loading Root CA certificates from C:\PROGRA~1\Java\J2RE14~1.1_0\lib\security\cacerts
Nov 26, 2003 6:55:43 PM sun.plugin.usability.PluginLogger log
INFO: Loading Root CA certificates from C:\PROGRA~1\Java\J2RE14~1.1_0\lib\security\cacerts
Loaded Root CA certificates from C:\PROGRA~1\Java\J2RE14~1.1_0\lib\security\cacerts

If anyone has encountered the same problem, please post a reply.

[6429 byte] By [xflowa] at [2007-9-29 17:44:36]
# 1

Just a stab in the dark here.

I've seen trouble with Tomcat and client certificates/authentication in the past. You may need to import the CA trust certs into the cacerts keystore in the JRE directory that is running Tomcat. I'm not sure how you go about pointing Tomcat to use a 'Truststore' other than the one that ships in the JRE. The default password for that keystore is "changeit".

Hope that gets it.

ejja at 2007-7-15 16:48:26
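
Reply #1 above points at the trust store of the JRE that runs Tomcat. As an added example (not code from this thread or from Tomcat), the following Java program lists the issuers that trust store accepts and, given a client certificate chain in PEM, checks it the way a JSSE server does for client authentication. The class name `ClientCertTrustCheck`, the PEM file argument and the RSA key type are assumptions; `javax.net.ssl.trustStore` and `javax.net.ssl.trustStorePassword` are the standard JSSE system properties for pointing a JVM at a different trust store.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collection;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

// Added example (hypothetical class name). Run it with the same JRE and the same
// -Djavax.net.ssl.trustStore* options as the server JVM. Optional argument: client chain in PEM.
public class ClientCertTrustCheck {
    public static void main(String[] args) throws Exception {
        // Standard JSSE lookup: explicit system property, otherwise the JRE's own cacerts.
        String path = System.getProperty("javax.net.ssl.trustStore",
                System.getProperty("java.home") + "/lib/security/cacerts");
        char[] pass = System.getProperty("javax.net.ssl.trustStorePassword", "changeit").toCharArray();

        KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(path)) {
            trustStore.load(in, pass);
        }
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        // The default (PKIX) factory returns a single X509TrustManager.
        X509TrustManager tm = (X509TrustManager) tmf.getTrustManagers()[0];

        // A client certificate must chain to one of these CAs to pass client authentication.
        System.out.println("Trust store: " + path);
        for (X509Certificate ca : tm.getAcceptedIssuers()) {
            System.out.println("  accepted issuer: " + ca.getSubjectX500Principal().getName());
        }
        if (args.length == 0) return;

        // Validate the client chain (leaf certificate first) as the server side does in the handshake.
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        Collection<? extends Certificate> certs;
        try (InputStream in = new FileInputStream(args[0])) {
            certs = cf.generateCertificates(in);
        }
        X509Certificate[] chain = certs.toArray(new X509Certificate[0]);
        try {
            tm.checkClientTrusted(chain, "RSA"); // authType = client key type, assumed RSA here
            System.out.println("ACCEPTED: " + chain[0].getSubjectX500Principal().getName());
        } catch (CertificateException e) {
            System.out.println("REJECTED: " + e.getMessage());
        }
    }
}
```

If the CA created with OpenSSL is missing from the printed issuer list, the server cannot validate any client certificate it signed, whatever the client presents.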
# 2

My problem is not importing the CA cert into Tomcat; this step passed fine and the application runs over https (jsp, html and servlets). The problem is that only applets won't run over https:8443 when clientauth=true.

Anyway, I chose a compromise solution by calling applets over http:8080 with the full URL specified in codebase from another directory, and securing the default application directory.

xflowa at 2007-7-15 16:48:26
# 3

I run a servlet using jsdk1.2 in a system...

But clients who are accessing this site... some are able to go through...

but some people who are in our LAN but at different places couldn't connect to the servlet...

and they get the following error.

Can you help me in solving the problem... (mail me at vijai_tata @ yahoo.com)

java.net.SocketException: Software caused connection abort: socket write error
    at java.net.SocketOutputStream.socketWrite0(Native Method)
    at java.net.SocketOutputStream.socketWrite(SocketOutputStream.java:92)
    at java.net.SocketOutputStream.write(SocketOutputStream.java:136)
    at sun.servlet.http.HttpOutputStream.writeOut(HttpOutputStream.java:483)
    at sun.servlet.http.HttpOutputStream.flushBytes(HttpOutputStream.java:357)
    at sun.servlet.http.HttpOutputStream.flush(HttpOutputStream.java:343)
    at sun.servlet.http.HttpOutputStream.finish(HttpOutputStream.java:181)
    at sun.servlet.http.HttpOutputStream.close(HttpOutputStream.java:421)
    at sun.servlet.http.HttpResponse.finish(HttpResponse.java:338)
    at sun.servlet.http.HttpServerHandler.handleConnection(HttpServerHandler.java:133)
    at sun.servlet.http.HttpServerHandler.run(HttpServerHandler.java:90)
    at java.lang.Thread.run(Thread.java:534)

vijai-india-Help_mea at 2007-7-15 16:48:26