tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 34868] allow to register a trust store for a session that becomes effective before CLIENT-CERT auth is executed on requests
Date Fri, 08 Apr 2011 21:52:31 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=34868

Mark Thomas <markt@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|                            |WONTFIX

--- Comment #11 from Mark Thomas <markt@apache.org> 2011-04-08 17:52:28 EDT ---
Per session trust managers can't possibly work since the SSL connection has to
be established before the client can send any data that would identify the
session in which to look for the trust manager. I am therefore resolving this
as WONTFIX.

However, it is worth noting the Tomcat 7 (as a result of fixing bug 48208) now
supports custom trust managers which should be sufficient to meet any
requirement not meet by the standard trust manager.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message