tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: configure tomcat with two conection SSL
Date Thu, 15 Jan 2009 22:18:45 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Peibel,

peibel wrote:
> [Can Tomcat be set up to use two different types of SSL connections?]
> 
> Depending on the page you requested enter with  user certificate or not.

So, you want to use client certificates for some pages, and no
authentication for others? That shouldn't be a problem. You want to set
up CLIENT-CERT as your authentication method, and then set authorization
constraints only for those pages that require CLIENT-CERT.

You can use SSL for all requests, even if they don't need authentication.

See http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html

The documentation for the SSL connector says that the "clientAuth"
attribute should be set to "want" which means that it will accept a
client certificate from the client but will not require one.

Hope that helps.

> Sorry for my English

No problem!

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAklvtkUACgkQ9CaO5/Lv0PBDKACeL7xq0DJOyso4Hgh7X1AVCdyl
vpUAoI5PoD8+ZTQjSvaOAstt4MCUwTpD
=Bxhw
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message