Tomcat中基于数据库的SSL客户端身份验证
[英]Database based ssl client authentication in Tomcat
问题描述
I would like to know if it is possible to have a more dynamic way to handle with client certs than edit tomcat-users.xml ? 
我想知道是否有一种比编辑tomcat-users.xml更动态的方式来处理客户端证书? and how to do it ? 以及如何做?
A database way would be much better in order add new certs or revoke since now i have to restart the server everytime I need to add a new one in tomcat-users.xml. 为了添加新证书或撤消证书,数据库方法会好得多,因为现在每次我需要在tomcat-users.xml中添加新证书时,都必须重新启动服务器。
best regards 最好的祝福
2 个解决方案
解决方案1
2 2014-12-04 09:22:27
There are multiple ways to do the things dynamically. 有多种方法可以动态地执行操作。 It depends on your project environment that, which way you want to use. 这取决于您要使用哪种方式的项目环境。
First is JRebel tool, which is used to change the config files without rebooting server.
首先是JRebel工具,它用于更改配置文件而无需重新启动服务器。 http://zeroturnaround.com/software/jrebel/ http://zeroturnaround.com/software/jrebel/ You can manually implement the listeners which will listen for the changes happen to particular file using dynamic class loading.
您可以手动实现侦听器,这些侦听器将使用动态类加载来侦听特定文件发生的更改。 http://tutorials.jenkov.com/java-reflection/dynamic-class-loading-reloading.html http://tutorials.jenkov.com/java-reflection/dynamic-class-loading-reloading.html
There may be other ways also.! 可能还有其他方法。 But I think from these you can achieve what you want. 但我认为您可以实现这些目标。
解决方案2
0 2014-12-02 21:12:02
You can use the JDBCRealm to get the user authorizations after authenticating him with his client cert. 您可以使用JDBCRealm通过用户证书对用户进行身份验证后获得用户授权。
See Can CLIENT-CERT auth-method be used with a JDBC realm within tomcat? 请参阅在tomcat中可以将CLIENT-CERT auth-method与JDBC领域一起使用吗? for details. 有关详细信息。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.