tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gal Shachor <shac...@il.ibm.com>
Subject Re: [Fwd: The Windows tomcat connector seems to be brain dead for security]
Date Fri, 23 Jun 2000 08:34:56 GMT


"Craig R. McClanahan" wrote:
> 
> The following email conversation discusses what appears to be a bug in the way that the
IIS connector
> passes certificate information to Tomcat.  Gal or Costin, could you guys evaluate this
and fix
> anything that is broken?
> 

I would not call this a bug but more of a missing feature...

James wants us to pass arbitrary environment variables from IIS to
Tomcat and this
is really an important feature for all servers! Its been on my
to-do-feature radar 
for some time and eventually I will find the time to do it.

As for the SSL related work in the plugins. Until now I concentrated on
providing the 
standard SSL attribute meaning:

1. Is SSL on?
2. Ciphers
3. Session
4. Client certificates.

On servers such as Apache and Netscape (servers that play by the rules
:)) I actually
pass all this info, but IIS is different so It will require some more
time.

	Gal Shachor

Mime
View raw message