Is there a way in tomcat to re-negotiate client certificate after the http
session has been invalidated (it had been successfully authenticated once
before) in the app. i.e. without closing and starting a new client browser.
I tried accessing request attributes javax.servlet.request.X509Certificate and
org.apache.coyote.request.X509certificate,
but it did not work.
I guess the old ssl socket is still around and tomact just returns the old
authenticated client certificate without going to the browser. I have to
restart the browser to get the client cert again.
* I need tomcat to ask for the client cert again (renegotiate) from the browser
without restarting a new one. *
Any prompt help is really appreciated.
Thanks,
____________________________________________________________________________________
Get the free Yahoo! toolbar and rest assured with the added security of spyware
protection.
http://new.toolbar.yahoo.com/toolbar/features/norton/index.php
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
