Is it possible to run on the same container (instance of Tomcat) web
application that DO require certificates and other applications that do
NOT require certificates?
To define required client certificate authorization one needs to define
in SERVER.XML
<Connector className=............ port="8443"....... scheme="https"......
<Factory className
="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
clientAuth="true" protocol="TLS"
keystoreFile="MyPath/MyKeystoreFile ...../>
</Connector>
The thing is, I have at a customer site a web-application that serves a
mixed PKI environment. This means, that some users use chip-cards and a
Single Sign On solution to authenticate. But there is also a quite big
population of users who still use a standard username/password
authentication over an SSL connection. So for both cases I need SSL.
Is there any way of defining this on an application level, which would
mean the definition should go into web.xml instead of server.xml. I then
could make two web applications, one defined for users with a
Certificate and one for users without. If that is not possible, I need
two servers, each running an instance of Tomcat with different
server.xml settings.
Any suggestions would be greatly apreciated.
Tom
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
