tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Cruz <andre.c...@co.sapo.pt>
Subject Re: Renegotiate SSL connection in servlet
Date Wed, 01 Apr 2009 13:33:45 GMT
On Apr 1, 2009, at 14:23 , André Cruz wrote:

> On Apr 1, 2009, at 14:21 , Mark Thomas wrote:
>
>> André Cruz wrote:
>>> On Mar 31, 2009, at 22:17 , Mark Thomas wrote:
>>>
>>>> Caldarale, Charles R wrote:
>>>>>> From: Christopher Schultz [mailto:chris@christopherschultz.net]
>>>>>> Subject: Re: Renegotiate SSL connection in servlet
>>>>>>
>>>>>> Your only other option for Tomcat is to configure another  
>>>>>> <Connector>
>>>>>> which would require a different IP or port number, which makes  
>>>>>> it ...
>>>>>> inconvenient at best.
>>>>>
>>>>> Using a different port may not work at all with many versions of  
>>>>> IE,
>>>>> which "know" that all HTTPS traffic is on 443 and ignore the  
>>>>> port on
>>>>> the URL.
>>>>>
>>>>> "Standards?  What standards?  We don't need no stinkin'  
>>>>> standards!"
>>>>
>>>> What happens if you define multiple security constraints? ie
>>>>
>>>> 1. Requires SSL for whole app
>>>> 2. Requires CLIENT-CERT auth for part of the app.
>>>
>>> Does not work. Client certificate is not requested.
>>
>> Hmm. That doesn't sound good. Can you create a bugzilla entry for  
>> that use case
>> and I'll try and take a look as to why.
>
> Will do. Thanks.

https://issues.apache.org/bugzilla/show_bug.cgi?id=46950

André


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message