tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 46950] SSL renegotiation does not occur when resource with CLIENT-CERT auth is requested
Date Thu, 02 Apr 2009 10:00:49 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=46950


Andr <andre@cabine.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|INVALID                     |




--- Comment #2 from Andr <andre@cabine.org>  2009-04-02 03:00:48 PST ---
Ok. So now I changed the security-constraint to:
<security-constraint id="SecurityConstraint_1">
                <web-resource-collection id="WebResourceCollection_1">
                        <web-resource-name/>
                        <url-pattern>/LoginWithCert.do</url-pattern>
                        <http-method>DELETE</http-method>
                        <http-method>GET</http-method>
                        <http-method>POST</http-method>
                        <http-method>PUT</http-method>
                        <http-method>HEAD</http-method>
                </web-resource-collection>
                <auth-constraint>
                        <role-name>*</role-name>
                </auth-constraint>
                <user-data-constraint id="UserDataConstraint_4">
                        <transport-guarantee>CONFIDENTIAL</transport-guarantee>
                </user-data-constraint>
</security-constraint>

Now I get this error when I access the resource:
HTTP Status 400 - No client certificate chain in this request

BUT no certificate was asked in the SSL (re-)negotiation.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message