ERR_BAD_SSL_CLIENT_AUTH_CERT 上的 Tomcat 重定向
[英]Tomcat redirect on ERR_BAD_SSL_CLIENT_AUTH_CERT
问题描述
I have done authentication via certificates on Java.
我已经通过 Java 上的证书进行了身份验证。
So, when certificate exists, everything works ok, when there is no certificate on client side, Chrome gives ERR_BAD_SSL_CLIENT_AUTH_CERT (Firefox gives another error. Doesn't matter)因此,当证书存在时,一切正常,当客户端没有证书时,Chrome 会给出ERR_BAD_SSL_CLIENT_AUTH_CERT (Firefox 给出另一个错误。没关系)
I am trying to avoid showing this blank page to user.我试图避免向用户显示这个空白页面。
So, is there any way to redirect(or show) to another page or html file when client has no certificate?那么,当客户端没有证书时,有没有办法重定向(或显示)到另一个页面或 html 文件?
Many thanks非常感谢
PS Sorry for my English. PS对不起我的英语。 It is not my native language这不是我的母语
1 个解决方案
解决方案1
1 2017-09-29 12:17:58
As far as I know, there is no "easy" way that you can configure within Tomcat.据我所知,没有“简单”的方法可以在 Tomcat 中进行配置。 However, it is possible to do, although too much effort in my opinion if you don't have a strict requirement.但是,这是可能的,尽管在我看来,如果您没有严格的要求,那就太费力了。 You would need to:您需要:
- In Tomcat config, make the client auth no mandatory with "want" instead of "true".在 Tomcat 配置中,使用“want”而不是“true”使客户端身份验证不是强制性的。 So Tomcat accepts clients with no valid certificate.因此 Tomcat 接受没有有效证书的客户端。
- In your code, detect whether the client has provided a valid certificate and, if not, redirect the request to the page you like.在您的代码中,检测客户端是否提供了有效证书,如果没有,则将请求重定向到您喜欢的页面。
I have done this successfully under Apache Shiro because it was one of my requirements.我在 Apache Shiro 下成功地做到了这一点,因为这是我的要求之一。 But if it is only to display a "nice page" to the user, I don't think it is worth the work, and I would recommend not to spend time on this.但如果只是为了向用户展示一个“漂亮的页面”,我认为这不值得,我建议不要花时间在这上面。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.