tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 53459] New: clientAuth="optional" not documented - is it valid?
Date Sat, 23 Jun 2012 13:55:53 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=53459

          Priority: P2
            Bug ID: 53459
          Assignee: dev@tomcat.apache.org
           Summary: clientAuth="optional" not documented - is it valid?
          Severity: normal
    Classification: Unclassified
                OS: All
          Reporter: sebb@apache.org
          Hardware: All
            Status: NEW
           Version: unspecified
         Component: Documentation
           Product: Tomcat 7

The file ssl-howto.xml includes the line

  clientAuth="optional" SSLProtocol="TLSv1"/>

However, the corresponding description of the clientAuth parameter in
config/http.xml does not mention "optional" as a possible parameter value, only
"true", "false", "want".

The code in util.net.jsse.JSSESocketFactory only checks for

"true", "yes" and "want"; AFAICT everthing else is treated as "false".

It looks like the entry in ssl-howto.xml is wrong.

Also, perhaps the description in http.xml should include "yes" as an alias for
"true".

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message