Again, I am going to have to disagree with you. I am no expert so I am just putting this out there for discussion. Your statement...
anonymous wrote : but the connector not only allows you to enable server side auth via ssl negotiation, it also allows you to enable client side auth. confuses a client with a user of an application. SSL is a transport layer protocol. SSL configured to check certificates (on one side or both) is just a way to provide trust. Trust that your server knows the client and trust that the client knows the server. Not that the server knows the user using the client. However, this does not deal with your original problem of anonymous wrote : | This enables dual ssl. However, it disables basic auth from any clients towards other web apps that don't require cert based auth. | So what happens with an application that is configured to use BASIC authentication? Also, if you have evidence to show my arguments are incorrect, please let me know. later, cgriffith View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3949258#3949258 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3949258 _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user