Enabling mutual auth with tomcat buildpack on bluemix - ibm-cloud

I have created a J2ee web application and i am pushing it on bluemix with tomcat java_buildpack. Now i would like to enable the mutual auth on the server and would like to modify the tomcat's server.xml to enable mutual and assign a keystore.I am not able to find a way how to do that.
Can you please help?
Thanks in advance.

Related

Where can the jmsActivationSpec be set when trying to integrate WebSphere MQ with Wildfly?

I have been trying to integrate IBM WebSphere MQ with WildFly server, as part of a application-server redeployment POC.
Have managed to deploy and added the resource adapter (wmq.jmsra.rar).
Also, managed to set-up the jmsQueueConnectionFactory via Connection Definitions, and jmsQueue via Admin Objects.
However, can't seem to find a configuration which would allow for setting of jmsActivationSpec. Greatly appreciate some help!

Proxy Configuration for Liferay Portal CE 7

I have a question about the proxy configuration for Liferay Portal 7 CE. I have searched for quite a while, but haven’t found anything really helpful on the subject. There is already a question here on stackoverflow related to Liferay’s proxy configuration in Wildfly, but it has not been answered yet: Proxy Settings Wildfly
We use a squid proxy server for internet access (no authentication, just a proxy port and a host for HTTP and HTTPs). I would like to run Liferay portal on my local machine and therefore need to tell the portal to use the proxy for web access.
How do I do this? Do I make changes to
a) Liferay’s configuration files (i.e., the portal-ext.properties, I guess) or do I change
b) the configuration files of the application server, on which the portal is running on, or
c) change the configuration for the portlets (e.g. for the marketplace portlet)?
What options would I have to set in the respective configuration files?
Best regards,
Felix
Proxy configuration is splitted in two configuration files: system-ext.properties and portal-ext.properties.
In system-ext.properties you have to configure the proxy environment configuration settings that affects to whole JVM process:
http.proxyHost=192.168.0.200
http.proxyPort=4480
You have to create system-ext.properties file inside webapps/ROOT/WEB-INF/classes. (inside Liferay application classloader)
You have more information about system-ext proxy settings in following link: https://docs.liferay.com/portal/7.0/propertiesdoc/system.properties.html#HTTP
In portal-ext.properties you have to configure the proxy environment configuration settings that affects only to Liferay portal:
com.liferay.portal.util.HttpImpl.proxy.username=
com.liferay.portal.util.HttpImpl.proxy.password=
You have more information about portal-ext proxy settings in following link: https://docs.liferay.com/portal/7.0/propertiesdoc/portal.properties.html#HTTP
If your proxy has no authentication, only system-ext.properties settings are necessary

How to configure eclipse to access an endpoint over the SSL protocol?

When I access EndPoint within Google Chrome I get a response. Can you see in picture below:
When I try to access EndPoint from within eclipse. The following error occurs:
I configured the EndPoint certificate in eclipse. As shown in the figure below:
Is there another configuration needed to access the Endpoint within eclipse?
The Internet proxy was not configured in eclipse.
After configuring the proxy in eclipse it worked perfectly.
thanks :D

SPNEGO on Bluemix Liberty

On the Bluemix Liberty feature list, it says Spnego-1.0 is supported. Does anyone have any Bluemix documentation (not plain Liberty, because this would mean I installed the Liberty server on my own enterprise domain) on how to even begin to use this? It seems to me that if SPN are locked down to a domain name, how would this even work for an app running on a domain such as this: "www.ng.bluemix.net"?
Does this mean there is a requirement to have Bluemix infrastructure installed onto our enterprise infrastructure to even begin thinking about Spnego?
SPNEGO makes sense if you're trying to achieve SSO between say a Microsoft Desk Top and say a WASaaS (WAS or Liberty) running a web app in a Softlayer VM behind a private firewall, then a SPNEGO solution would work. In a more public setting, OpenID Connect should be considered as an option.
If SPNEGO really needs to be used, see the Liberty documentation. You can then customize a Liberty server.xml file in Bluemix to get this to work. To use a custom Liberty server.xml file, see the info noted under standalone applications.

External SSO and Web Application running on TOMCAT 6.0

New to JAVA. I developed Web application(JSP) successfully delpoyed on TOMCAT 6.0. Now the client want to use external SSO to authenticate users. As of now when the users are authenticated the website is displayed with Login Page where the user has to login again.
I am using the Login.jsp to bring the user roles from the SQLDB for Website.
What I want to accomplish now is when User is authenticated login.jsp should retrieve the credentials from the SSO and display the website thus accomplishing the purpose of Single sign on process.
I read a lot from this forum and other websites but kinda lost in the process.
Any help would be appreciated.
thank you
We developed a Tomcat extension (valve) which does just that. Basically you use standard J2EE security (role-ref etc) in your app and our Tomcat valve then acts as a bridge between Tomcat and our SSO platform. You can find out more at www.cloudseal.com
Of course you may not want to use our SSO platform :-( but you can still use our Tomcat valve and modify it to fit your needs. It's released under an Apache 2 license and you can grab the source from Github