, February 01, 2016 2:17 AM
To: Tomcat Users List
Subject: Re: client ssl renegotiation after invalidating session
Thank you very much for your reply,
I tried your solution on APR, NIO and BIO connectors but it seems my problem
comes from somewhere else.
From what I could gather, it is a matter of
; Sent: Friday, January 29, 2016 10:33 AM
> To: Tomcat Users List
> Subject: client ssl renegotiation after invalidating session
>
> I want to invalidate the client ssl cert authentication after the user
> logs out of my application.
>
> There is nothing about it in the docs and
-Original Message-
From: Gael Abadin [mailto:gael.aba...@imatia.com]
Sent: Friday, January 29, 2016 10:33 AM
To: Tomcat Users List
Subject: client ssl renegotiation after invalidating session
I want to invalidate the client ssl cert authentication after the user logs out
of my
I want to invalidate the client ssl cert authentication after the user logs
out of my application.
There is nothing about it in the docs and google just digs out this
unanswered old thread from this users list in 2007:
https://mail-archives.apache.org/mod_mbox/tomcat-users/200706.mbox/%3c306958.8
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Konstantin,
On 11/30/2010 4:20 PM, Konstantin Kolinko wrote:
> 2010/12/1 Christopher Schultz :
>> On 11/20/2010 5:04 PM, Pid wrote:
>>>
>>> http://www.oracle.com/technetwork/java/javase/documentation/tlsreadme2-176330.html
>>
>> Interesting that Ora
2010/12/1 Christopher Schultz :
> On 11/20/2010 5:04 PM, Pid wrote:
>> http://www.oracle.com/technetwork/java/javase/documentation/tlsreadme2-176330.html
>
> Interesting that Oracle chose to patch Java 1.5 and 1.4, which have both
> reached EOL.
>
> Oracle gets a point for pragmatism and security.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Pid,
On 11/20/2010 5:04 PM, Pid wrote:
>
> http://www.oracle.com/technetwork/java/javase/documentation/tlsreadme2-176330.html
Interesting that Oracle chose to patch Java 1.5 and 1.4, which have both
reached EOL.
Oracle gets a point for pragmatism
All,
I thought this might be of interest:
http://www.oracle.com/technetwork/java/javase/documentation/tlsreadme2-176330.html
p
0x62590808.asc
Description: application/pgp-keys
signature.asc
Description: OpenPGP digital signature
On 26/10/2010 18:28, Aron K. wrote:
> Hi,
>
> Firefox ist RFC 5746 compliant. (http://www.ssltls.de/)
> Tomcat 6.0.29 uses JRE 1.6.22, also RFC 5746 compliant.
>
> Renegotiation should occur, as the browser initially doesn't send the
> client certificate, then the user is supposed to choose a cli
Hi,
Firefox ist RFC 5746 compliant. (http://www.ssltls.de/)
Tomcat 6.0.29 uses JRE 1.6.22, also RFC 5746 compliant.
Renegotiation should occur, as the browser initially doesn't send the
client certificate, then the user is supposed to choose a client cert.
and then the browser should renegotia
Is there a way in tomcat to re-negotiate client certificate after the http
session has been invalidated (it had been successfully authenticated once
before) in the app. i.e. without closing and starting a new client browser.
I tried accessing request attributes javax.servlet.request.X509Certifica
11 matches
Mail list logo