Kevin wrote: > > Do I understand correctly from this comment that if a user connects to > the site using a client certificate, and if the SSLClientVerify step > happens before the attempted post operation, that the problem won't > occur? If so, then I should be home free, because with plone, one must > GET a page first, before POSTing any data using the form in question.
PROVIDED keep alives are true, or possibly if the session ID is cached and reused (I'm fuzzy on the second possibility - it may still fail since the cached session may or may not recognize that the client credentials were negotiated.)
