Client PKI certificate authentication with Wildfly 8 sends 404

I am trying to get client certificate authentication via smartcard working with Wildfly 8. It was previously working with JBoss AS but Wildfly went and changed things. I have imported the proper certificates into my keystore.

This is my standalone.xml:

        <security-realm name="SSLRealm">
            <server-identities>
                <ssl protocol="TLSv1">
                    <keystore path="server.keystore" keystore-password="password" alias="server"/>
                </ssl>
            </server-identities>
            <authentication>
                <truststore path="server.keystore" keystore-password="server.keystore"/>
            </authentication>
        </security-realm>

....

    <subsystem xmlns="urn:jboss:domain:undertow:1.2">
        <buffer-cache name="default"/>
        <server name="default-server">
            <http-listener name="default" socket-binding="http"/>
            <https-listener name="https" socket-binding="https" security-realm="SSLRealm" verify-client="REQUESTED"/>
            <host name="default-host" alias="localhost">
                <filter-ref name="gzipFilter" predicate="not min-content-size[500]"/>
            </host>
        </server>
        <servlet-container name="default">
            <jsp-config development="true" target-vm="1.8" x-powered-by="false"/>
            <websockets/>
        </servlet-container>
        <filters>
            <gzip name="gzipFilter"/>
        </filters>
    </subsystem>

...

            <security-domain name="cert-login" cache-type="default">
                <jsse keystore-password="password" keystore-url="server.keystore" truststore-password="password" truststore-url="server.keystore" client-auth="true"/>
                <authentication>
                    <login-module code="Certificate" flag="required">
                        <module-option name="securityDomain" value="cert-login"/>
                        <module-option name="password-stacking" value="useFirstPass"/>
                    </login-module>
                    <login-module code="Identity" flag="required">
                        <module-option name="roles" value="certuser"/>
                    </login-module>
                </authentication>
            </security-domain>

...

        <logger category="org.wildfly.extension.undertow">
            <level name="DEBUG"/>
        </logger>
        <logger category="org.jboss.as.security">
            <level name="TRACE"/>
        </logger>
        <logger category="org.jboss.security">
            <level name="TRACE"/>
        </logger>

jboss-web.xml:

<jboss-web>
   <context-root>/</context-root>
   <security-domain>cert-login</security-domain>
</jboss-web>

... and my web.xml

<security-constraint>
  <web-resource-collection>
    <web-resource-name>Cert Login Page</web-resource-name>
    <url-pattern>/cert/detect</url-pattern>
  </web-resource-collection>

  <auth-constraint>
    <role-name>certuser</role-name>
  </auth-constraint>
</security-constraint>

<login-config>
  <auth-method>CLIENT-CERT</auth-method>
</login-config>

<security-role>
  <role-name>certuser</role-name>
</security-role>

What happens when I go to /cert/detect is I get a 404. No errors or anything. I have been spinning my wheels for days trying to figure out what the problem is.

The problem ended up being nothing to do with the Wildfly configuration, I just needed to add an additional certificate to the server.keystore. The 404 was a red herring.
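A way to check for the kind of gap the answer describes, as an added example that is not part of the original post: it tests whether a client certificate chains to anything in the trusted set, before and after one more certificate is added. It assumes the missing entry was the CA that issued the smartcard certificate (the post does not say which certificate was added) and that the truststore has been exported to a PEM bundle; all CA names, file names and function names are constructed.

```shell
#!/bin/sh
# Added example. Every certificate here is a throwaway generated on the spot;
# the CA names are constructed and unrelated to the poster's PKI.
# Assumption for a real check: export the truststore entries to PEM first, e.g.
#   keytool -list -rfc -keystore server.keystore > trusted.pem

# chain_status CLIENT_PEM TRUSTED_PEM: prints "trusted" or "untrusted: <issuer DN>"
chain_status() {
    if openssl verify -no-CApath -CAfile "$2" "$1" >/dev/null 2>&1; then
        echo "trusted"
    else
        echo "untrusted: $(openssl x509 -noout -issuer -in "$1")"
    fi
}

# new_ca NAME DIR: self-signed CA certificate DIR/NAME.pem with key DIR/NAME.key
new_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 2 -subj "/CN=$1" \
        -keyout "$2/$1.key" -out "$2/$1.pem" 2>/dev/null
}

# new_client CA_NAME DIR: client certificate DIR/client.pem issued by that CA
new_client() {
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=constructed-card-user" \
        -keyout "$2/client.key" -out "$2/client.csr" 2>/dev/null &&
    openssl x509 -req -in "$2/client.csr" -CA "$2/$1.pem" -CAkey "$2/$1.key" \
        -CAcreateserial -days 2 -out "$2/client.pem" 2>/dev/null
}

# demo: the trusted set first holds only the server's CA, then gains the card CA.
demo() {
    d=$(mktemp -d) || return 1
    new_ca constructed-server-ca "$d" && new_ca constructed-card-ca "$d" &&
        new_client constructed-card-ca "$d" || { rm -rf "$d"; return 1; }
    cp "$d/constructed-server-ca.pem" "$d/trusted.pem"
    echo "before: $(chain_status "$d/client.pem" "$d/trusted.pem")"
    cat "$d/constructed-card-ca.pem" >> "$d/trusted.pem"  # the additional certificate
    echo "after: $(chain_status "$d/client.pem" "$d/trusted.pem")"
    rm -rf "$d"
}

demo
```

The issuer DN printed in the "untrusted" case names the certificate that has to be present among the trusted entries.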
