> -----Original Message----- > From: acastanheira2001 > Sent: Monday, April 26, 2010 8:35 > Subject: Re: Client cert authentication > > > Thanks again Mark, > > I think it will be difficult to move to Tomcat 6 soon. If I > change mod_proxy to mod_jk, does mod_jk passes the client > cert to Tomcat 5.5?
mod_proxy_ajp works perfectly. It will set request.isSecure() and fills in all the certs in the chain not "trusted" by apache httpd. > > Thank you, > Andre > > > > Mark Thomas wrote: > > > > On 22/04/2010 20:00, acastanheira2001 wrote: > >> > >> Thanks Mark, > >> > >> I use mod_proxy (ProxyPass and ProxyReverse) to connect Apache > >> (2.2.3) to Tomcat(5.5)/Jboss (4.2). Can mod_proxy pass > client cert to Tomcat? > > > > With 5.5.x, not with out some custom code. With 6.0.x, yes. > > > > You'd need to port this to Tomcat 5: > > > http://svn.apache.org/viewvc/tomcat/tc6.0.x/trunk/java/org/apache/cata > > lina/valves/SSLValve.java?view=annotate > > > > Mark > > > > -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100 - - +1 (443) 269-1555 x333 Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
