DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG·
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=41337>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND·
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=41337
Summary: Display an error page if no cert is available on CLIENT-
CERT login
Product: Tomcat 5
Version: 5.0.20
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Connector:HTTP
AssignedTo: tomcat-dev@jakarta.apache.org
ReportedBy: arminha@student.ethz.ch
If a client does not have a client certificate or doesn't select a client
certificate to be used for authentication, Tomcat does not display an error
page. It just does nothing (that the client would see).
Steps to reproduce:
1. configure an ssl connector and set clientAuth="false"
2. create a security-constaint in the web.xml of the webapp
3. set the login-config in the web.xml to this:
<login-config>
<auth-method>CLIENT-CERT</auth-method>
</login-config>
4. try to access the page without a client certificate
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org
|