Hello
I configured Tomcat5,Apache2,mod_ssl and mod_jk.
I use certification, but I want some of directiories not tu require
certificate.
Choosing which directories needs cetrtificate is configured via
<Directory "/">
SSLVerifyClient none
</Directory>
<Directory "/usr/local/tomcat/webapps/xxx/yyy">
SSLVerifyClient require
SSLVerifyDepth 2
</Directory>
It works ok with Apache (without certificate I can't access yyy
directory). Hovewer if I anable ajp13 connector like this:
JkMount /xxx/*.jsp ajp13
it works only with non-jsp files (served by Apache in this example) - I
can access JSP files in yyy directory without certificate (I shoudn't).
So directive 'SSLVerifyClient require' doesn't work together with
connector - I can read every file served via connector without certificate.
One another word - if I enable cerificate requirements globally, it
works globally (can't access anything, even jsp files, without
certificate) and whatever directive I would write I can't unblock some
directories to not need certificate.
Last word - such configuration worked with Apache 1.3, Tomcat 4, mod_ssl
and mod_jk.
Marx
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
