set clientAuth="want"
you still may have to do some mucking around in the realm code to be
able to do both in a prioritized order
Filip
Dave wrote:
Hi, I need some help on SSL client authentication.
If a user has digital certificate installed on his/her machine, we like to authenticate the user using digital certificate, otherwise using username/password.
When I set clientAuth="true" in server.xml, open IE to the server URL (https), IE popup a window asking for the client certificate even though there is no certificate found in client machine.
1. how to ask client browser(IE) to ignore digital certificate if not found?
2. on server, how to get the client certificate for verification? java API?
Thank for help.
Dave
---------------------------------
Looking for last minute shopping deals? Find them fast with Yahoo! Search.
------------------------------------------------------------------------
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.516 / Virus Database: 269.17.13/1211 - Release Date: 1/6/2008 11:57 AM
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
