I'm doing a web application using jBoss EAP 6.1.
As one of the requirements, the system must perform user authentication via digital certificate. To do this I set up jBoss to run in https:// using the SSLv3 protocol, created a certificate for the server and referenced the CA certificate and set verify-client="false".
Then in web.xml of my application, I configured it to request the client's digital certificate in /LoginByCert:
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>secured</web-resource-name>
            <url-pattern>/LoginByCert</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>*</role-name>
        </auth-constraint>
        <user-data-constraint>
            <transport-guarantee>CONFIDENTIAL</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <login-config>
        <auth-method>CLIENT-CERT</auth-method>
    </login-config>
After this accessing https://localhost:443/MyApp/LoginByCert, jBoss throws the error:

    Exception getting SSL attributes: java.net.SocketException: Socket Closed

and the browser opens the client's wallet to choose the certificate. Once the certificate is chosen, jBoss displays it in the browser:

    Status 401 - JBWEB000010: Can not authenticate with the provided credentials

Can anyone help me? Thank you for your time.