In JSSESocketFactory I change .setNeedClientAuth(clientAuth); to:
String clientAuthOptStr=(String)attributes.get("clientauthopt");
if(clientAuthOptStr != null) {
if(clientAuthOptStr.equals("true")) {
.setWantClientAuth(clientAuth);
} else if(clientAuthOptStr.equals("false")) {
.setNeedClientAuth(clientAuth);
} else {
throw new IOException("Invalid value '" +
clientAuthOpt +
"' for 'clientauth' parameter:");
} }
I have introduced clientAuthOptional = "true/false" in server.xml but this patch doesn't work.
Regards.
At 09:04 12/02/2003 +0100, you wrote:
i had the same problem and the only solution is to path the existing
org.apache.tomcat.util.net.jsse.JSSESocketFactory
ther you have to change
.setNeedClientAuth(clientAuth);
to
.setWantClientAuth(clientAuth);
if you want i can send you the patched file .class or the completet .jar to your private adress.
i would like to have a setting in the server.xml:
clientAuthOptional = true/false
that would be nice!
Tomcat User wrote:
Hi all.
I work with secure applications (Tomcat 4.1.18 with SSL + client authentication using certificates) and I would like to have client authentication optional because in server.xml file the client authentication is obligatory or not (clientAuth = true or false).
How I can resolve my problem??
Very thanks and regards.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]