tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Subscriber <>
Subject Re: Handling SSL Client Auth abort
Date Mon, 07 May 2007 09:30:27 GMT

>> ...unfortunately I never get that far where I can catch the 
>> exception. 
>> The exception is thrown within Tomcat and in my application code.
> (I'll assume there's a rather critical "not" missing from the last
> clause in the above sentence.)
Of course - NOT in my application code :-)
> If the client refuses the certificate or otherwise breaks the connection
> during the SSL negotiation, no servlet has been selected to receive the
> message, so there's no one to deliver the exception to.  The servlet
> spec doesn't seem to have any notion of container-oriented error pages,
> so I think you're out of luck without custom code inside Tomcat.
>  - Chuck

This is OK - but how do I put custom code into the Tomcat? I've already 
coded a custom realm for the purpose of verifying the certificate - 
could I use this realm to catch the exception?


To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message