https://issues.apache.org/bugzilla/show_bug.cgi?id=48208
--- Comment #6 from Christopher Schultz <[email protected]> 2011-01-31 15:42:47 EST --- If you don't need authentication, why bother configuring it? If you just want ANY client certificate to be available to your webapp, why not configure <Connector clientAuth="want" />? Enabling CLIENT_CERT *authentication* with no form of validation of the certificate is entirely without merit. If you just want the client certificate, then you want clientAuth="want" with no authentication configured. Like Mark, I will -1 any attempt to add this feature unless you can give us a reasonable use case that is not possible to configure in Tomcat. -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
