Applies to: v4.1.3.0


KB Article # 20594

Topic/Category: Tomcat

Issue: You’ve followed all instructions from the PIV CAC integration wiki and various errors occur.

Prerequisites: Steps from have been followed


Possible Solutions:


For server.xml, <Connector protocol=”org.apache.coyote.http11.Http11NioProtocol” :

change clientAuth=”false” to clientAuth=”want”



For IE browser insure the following:


3) Insure the user search attribute is consistent across what is configured on server.xml, and on piv card cert.

For server.xml

userSearch=”<AD attribute>={0}”  (sample: userSearch=”postalBoxOffice={0}”)

user.connectivity_userSearchAttributeFilter=<permanent AD attribute> (sample: user.connectivity_userSearchAttributeFilter=postalBoxOffice)


4) For differing search criteria, the following patch may be required (for 4130 only)





< Back|KB Main Page | Next KB Article >