DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=34643>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=34643 ------- Additional Comments From [EMAIL PROTECTED] 2005-05-11 18:28 ------- as per comment 4 item D), got (pseudo-)self signed certs working (it is not the browser's fault), i.e. I first created a self-signed (root9cert), signed the user-cert with it and imported the root-cert into the $JAVA_HOME/jre/lib/security/cacerts for tomcat. Since this doesn't scale as mentioned in and in the described in item 3 GUI/application control flow, the session may well exist before the CLIENT-CERT is executed: i) register trust-store with user-self-signed cert in session for the user to be authenticated as per Bug 34868 ii) response.sendRedirect(/certBasedAuth.do); now that trust-store would be effective upon the subsequent request doing the auth -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
