On Fri, Mar 19, 2010 at 8:18 AM, rangeli nepal <rangeli.ne...@gmail.com> wrote:
> Suppose there is link( https://B....) provided on an web application > hosted at A (tomcat server) that access service on B which through a > response.redirect(https://B...) > Once user clicks that link a encrypted channel is established between A and > B. If B asks client certificate A will furnish it. Not hardly. A redirect from A tells the original client browser "nope, wrong place, send your request to e.g. https://B...";. Now it's strictly between the client and B -- A has nothing further to do with that transaction. -- Hassan Schroeder ------------------------ hassan.schroe...@gmail.com twitter: @hassan --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
