This is not supported as it cannot be made to work in general. With CLIENT-CERT authentication that requires authentication at both the SSL transport level and the web container level, how are we going to push back the client cert neccessary? The problem with web authentication is that in general its the browser/user agent that has to provide the security context via http headers.
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3882685#3882685 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3882685 ------------------------------------------------------- SF.Net email is sponsored by: Discover Easy Linux Migration Strategies from IBM. Find simple to follow Roadmaps, straightforward articles, informative Webcasts and more! Get everything you need to get up to speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
