Hi, I have written a PKI proxy servlet to support a tool that needs access to my customer’s secured web site, but the application does not support client certificate security. The Servlet works great when called from a browser, where the proxy uses a B2B certificate for access and forwards the response to the browser as expected. That seemed like a good prototype, however, when I went to test against the tool I found that it was not making a GET request, but rather a CONNECT request. I extended my code to accept the CONNECT, however the request never seems to get past the front door Tomcat. None of my code is ever called, so I have to assume that I have a setting wrong in Tomcat.
Everything I can find online discusses how you shouldn’t have a Tunneling proxy in your infrastructure, but this is all in a secured environment, not on the internet, so this is not an issue and has been approved. Is there something I’m missing? Thank You, Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
