Hi. I have been looking into a problem with Tomcat5, ClientAuth=false, and JSSE in JDK1.4 and it seems like the JSSE has a problem.
Namely if you build an SSL socket, then later decide you need to exchange certs with the client (ie. CLIENT-CERT), then the SSlSocket.startHandshake() method is called. Unfortunately this method is asynchronous, and waits for a read() or write() to occur before it does it's work. TC5 processes requests kinda like this; a Request comes in, TC5 checks to see if the Resource is protected, then a negotiation may start. However JSSE won't initiate a cert exchange unless a Read() or a Write() happens on the socket, but TC5 doesn't have anything it wants to write or read when the 'startHandshake()' is called.... I have been playing around with using a sendRedirect() back to the same page, but boy does that seem messy. Any ideas? -bob P.S. I tweaked the JSSE sample programs to demonstrate the problem outside of Tomcat. If anyone wants a copy - just ask. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>