On Mar 31, 2009, at 22:17 , Mark Thomas wrote:
Caldarale, Charles R wrote:
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Subject: Re: Renegotiate SSL connection in servlet
Your only other option for Tomcat is to configure another
<Connector>
which would require a different IP or port number, which makes
it ...
inconvenient at best.
Using a different port may not work at all with many versions of
IE, which "know" that all HTTPS traffic is on 443 and ignore the
port on the URL.
"Standards? What standards? We don't need no stinkin' standards!"
What happens if you define multiple security constraints? ie
1. Requires SSL for whole app
2. Requires CLIENT-CERT auth for part of the app.
Does not work. Client certificate is not requested.
André
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
