How to set LDAP ACI to servlets by IP addresses in Red Hat Certificate System 8.1

Solution Unverified - Updated -

Issue

  • In version 7.1 of Red Hat Certificate System, the HTTP engine was run with NES / Netscape Enterprise Server, and access control on URIs was done with configuration in files such as /opt/redhat-cs/httpacl/generated.cert-InstanceID.acl

  • For example, to filter by IP addresses on the URI /displayBySerial to search and display certificates by serial number, except from the IP addresses provided:

acl "uri=/displayBySerial";
authenticate (ip) {
     method = "SSL";
};
deny (all)
user = "anyone";
allow (all)
ip = "10.10.10.11,10.10.10.12";
  • The access control could be also done per users, groups.

  • The issue is how can some similar access control be done with Red Hat Certificate System version 8.1 that runs with Tomcat?

Environment

  • Red Hat Enterprise Linux 5
  • Red Hat Certificate System 8.1

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.