Hello,
I have implemented own realm. I extended RealmBase, overrided methods
(1) public Principal authenticate(X509Certificate[] certs),
(2) public Principal authenticate(String username, String credentials).
I have Tomcat 6 that runs behind Apache Server over AJP. In the
situation (1) client connects to HOST1, Apache Server challenges for
client certificate. In the situation (2) client connects to HOST2. Both
HOST1, HOST2 are configured to do a reverse proxy to /myapp on tomcat.
I am not able to configure tomcat to call both methods. In the myapp's
web.xml I have
<login-config>
<auth-method>CLIENT-CERT</auth-method>
<realm-name>SecustampRealm</realm-name>
</login-config>
and tomcat calls the function (1). When I replace CLIENT-CERT for BASIC
tomcat calls the function (2).
Is it possible to configure tomcat to call both variants of functions?
I'd like to write something like <auth-method>CLIENT-CERT or
BASIC</auth-method>.
Jan.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
