tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Cruz <andre.c...@co.sapo.pt>
Subject Re: Renegotiate SSL connection in servlet
Date Wed, 01 Apr 2009 13:23:15 GMT
On Apr 1, 2009, at 14:21 , Mark Thomas wrote:

> André Cruz wrote:
>> On Mar 31, 2009, at 22:17 , Mark Thomas wrote:
>>
>>> Caldarale, Charles R wrote:
>>>>> From: Christopher Schultz [mailto:chris@christopherschultz.net]
>>>>> Subject: Re: Renegotiate SSL connection in servlet
>>>>>
>>>>> Your only other option for Tomcat is to configure another  
>>>>> <Connector>
>>>>> which would require a different IP or port number, which makes  
>>>>> it ...
>>>>> inconvenient at best.
>>>>
>>>> Using a different port may not work at all with many versions of  
>>>> IE,
>>>> which "know" that all HTTPS traffic is on 443 and ignore the port  
>>>> on
>>>> the URL.
>>>>
>>>> "Standards?  What standards?  We don't need no stinkin' standards!"
>>>
>>> What happens if you define multiple security constraints? ie
>>>
>>> 1. Requires SSL for whole app
>>> 2. Requires CLIENT-CERT auth for part of the app.
>>
>> Does not work. Client certificate is not requested.
>
> Hmm. That doesn't sound good. Can you create a bugzilla entry for  
> that use case
> and I'll try and take a look as to why.

Will do. Thanks.

André


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message