Hi,  I have written a PKI proxy servlet to support a tool that needs access to 
my customer’s secured web site, but the application does not support client 
certificate security.  The Servlet works great when called from a browser, 
where the proxy uses a B2B certificate for access and forwards the response to 
the browser as expected.  That seemed like a good prototype, however, when I 
went to test against the tool I found that it was not making a GET request, but 
rather a CONNECT request.  I extended my code to accept the CONNECT, however 
the request never seems to get past the front door Tomcat.  None of my code is 
ever called, so I have to assume that I have a setting wrong in Tomcat.

Everything I can find online discusses how you shouldn’t have a Tunneling proxy 
in your infrastructure, but this is all in a secured environment, not on the 
internet, so this is not an issue and has been approved.  Is there something 
I’m missing?  

Thank You,
Mark


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to