tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 48208] allow client certificate with any issuer: server.xml connector attribute "acceptAllCerts"
Date Mon, 31 Jan 2011 20:42:55 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=48208

--- Comment #6 from Christopher Schultz <chris@christopherschultz.net> 2011-01-31 15:42:47
EST ---
If you don't need authentication, why bother configuring it?

If you just want ANY client certificate to be available to your webapp, why not
configure <Connector clientAuth="want" />?

Enabling CLIENT_CERT *authentication* with no form of validation of the
certificate is entirely without merit.

If you just want the client certificate, then you want clientAuth="want" with
no authentication configured.

Like Mark, I will -1 any attempt to add this feature unless you can give us a
reasonable use case that is not possible to configure in Tomcat.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message