RE: controlling Server Authentication only vs Mutual authentication

2012-02-14 Thread Sanjeev Sharma
That's what I thought. Thanks anyway. This is good information! -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Tuesday, February 14, 2012 11:50 AM To: Tomcat Users List Subject: Re: controlling Server Authentication only vs M

Re: controlling Server Authentication only vs Mutual authentication

2012-02-14 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sanjeev, On 2/13/12 11:01 PM, Sanjeev Sharma wrote: > Thanks for your reply. If I set clientAuth="want" will it not ask > me for a certificate every time I create a new session? It will not ask for a certificate, but if you provide one, then it wil

RE: controlling Server Authentication only vs Mutual authentication

2012-02-13 Thread Sanjeev Sharma
authentication, will it force the browser to prompt for a client certificate? Sanjeev. -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Monday, February 13, 2012 4:23 PM To: Tomcat Users List Subject: Re: controlling Server Authentication

Re: controlling Server Authentication only vs Mutual authentication

2012-02-13 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Pid, On 2/13/12 3:39 PM, Pid wrote: > On 13/02/2012 17:42, Christopher Schultz wrote: >> Sanjeev, >> >> On 2/9/12 11:17 AM, Sanjeev Sharma wrote: >>> I work on an java web-app running on Tomcat 7. The entire >>> application is required be doing SSL

Re: controlling Server Authentication only vs Mutual authentication

2012-02-13 Thread Pid
On 13/02/2012 17:42, Christopher Schultz wrote: > Sanjeev, > > On 2/9/12 11:17 AM, Sanjeev Sharma wrote: >> I work on an java web-app running on Tomcat 7. The entire >> application is required be doing SSL on port 443 (everything is >> accessed via https://). Two different login options are give

Re: controlling Server Authentication only vs Mutual authentication

2012-02-13 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sanjeev, On 2/9/12 11:17 AM, Sanjeev Sharma wrote: > I work on an java web-app running on Tomcat 7. The entire > application is required be doing SSL on port 443 (everything is > accessed via https://). Two different login options are given to > the

RE: controlling Server Authentication only vs Mutual authentication

2012-02-10 Thread Sanjeev Sharma
I do have to do a "redirect" from one to the other when I would've preferred to "forward", but otherwise this solution works. -Original Message- From: Sanjeev Sharma [mailto:sanjeev.sha...@buchanan-edwards.com] Sent: Thursday, February 09, 2012 11:18 AM To: Tomca

controlling Server Authentication only vs Mutual authentication

2012-02-09 Thread Sanjeev Sharma
Hi, I work on an java web-app running on Tomcat 7. The entire application is required be doing SSL on port 443 (everything is accessed via https://). Two different login options are given to the user : username/password or client certificate authentication. We employ application-managed secu