[ https://issues.apache.org/jira/browse/FELIX-4797?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Carsten Ziegeler closed FELIX-4797. ----------------------------------- > Enable client certificate requesting without verifying the certificates > ----------------------------------------------------------------------- > > Key: FELIX-4797 > URL: https://issues.apache.org/jira/browse/FELIX-4797 > Project: Felix > Issue Type: Improvement > Components: HTTP Service > Reporter: Pascal Mainini > Priority: Minor > Labels: patch > Attachments: > 0001-Patch-enabling-client-certificate-authentication-wit.patch, > enabling-sslContext-services.patch > > > This is a patch enabling requesting client certificate authentication without > further validation of the certificates provided by the client. Rationale: > Enabling requests of client certificates by setting > "org.apache.felix.https.clientcertificate" to "wants" or "needs" requests a > client-certificate from any connecting client. Depending on the value set, > this is either an optional or mandatory step to be fulfilled by the client in > order to have it's HTTP-request further processed. > The client-certificate obtained is validated against either the > CA-certificates found in the truststore or - if none given - by the server's > certificate itself. > For some usecases, this validation is unsuitable or not possible at all, > namely for supporting WebID-style (https://en.wikipedia.org/wiki/WebID) > authorization processed by a servlet within the container. -- This message was sent by Atlassian JIRA (v6.3.4#6332)