Hi, Yes, it should be possible to use CertConstraintsFeature in Tomcat as well, because Tomcat initializes the servlet request SSL properties "javax.servlet.request.X509Certificate" and "javax.servlet.request.cipher_suite" used by CXF CertConstraints interceptors. Therefore you will be able to apply custom constraints to certificate subjectDN and issuer using CertConstraintsFeature or provide own authentication mechanism using information from TSLSessionInfo.
Regards, Andrei. > -----Original Message----- > From: Penmatsa, Vinay [mailto:[email protected]] > Sent: Montag, 2. Juni 2014 00:31 > To: [email protected] > Subject: CertConstraintsFeature > > Hi, > Is it possible to do custom client authentication using CertConstraintsFeature > with CXF application deployed in tomcat? > Basically, tomcat is configured with SSL. But instead of tomcat doing client > auth > for all endpoints, I want to configure it for each service defined in my xml > (<jaxrs:server). > > -Vinay
