tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <>
Subject Re: Recognizing certificate removal (SmartCard)
Date Wed, 05 Dec 2012 16:07:32 GMT
Hash: SHA1


On 12/5/12 3:12 AM, André Warnier wrote:
> Other than that, and without any pretense at offering a "solution"
> to the present issue, maybe this is the point where one needs to
> step back and ask oneself if this is really a problem of the
> application.

You're right: this is not a problem of the "application" (at least,
not the web application itself). Unfortunately, it's an operation
requirement which means it must be solved *somewhere*.

At this point, we're way off-topic where Tomcat is concerned. ;)

> If the environment is such that it is a concern that one might
> login using a card, then remove the card and walk away, leaving
> the workstation logged-in and a session open with some
> security-conscious application, for someone else to use at will,
> then maybe this is not a problem of the application at the other
> end, but a problem with the environment ? What for example if that
> same person walks away while leaving their card in the reader ?

Court martial. :)

- -chris
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools -
Comment: Using GnuPG with undefined -


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message