I'm working on a web app where I need to offer two forms of authentication; FORM, and CLIENT-CERT
In the past I've tried SSLWithFORMFallback, even contributing the current tomcat7 one on the wiki: https://wiki.apache.org/tomcat/SSLWithFORMFallback Unfortunately, that has one drawback; there's no way to offer a user the ability to register for the site with their client certficate in that version, which is what I really need. My entire app is the same for both FORM and CLIENT-CERT authentication, I just have to change the login-config between them [that's literally the only change, to that one directive]. Is there some easy way to manage one web application with two different web.xml files? What I really want is, say, context.xml to create two contexts with two paths, with different web.xml files. One solution I can imagine is something like: <?xml version="1.0" encoding="UTF-8"?> <Context path="/MySiteSSL" webxml="/WEB-INF/ssl_web.xml"> ... configuration stuff ... </Context> <Context path="/MySiteFORM" webxml="/WEB-INF/ssl_form.xml"> ... configuration stuff ... </Context> [Except, of course, that I really don't want to configure all my other context resources twice, and I don't really want to have to maintain two different web.xml files with the same settings except for one element. Also that there doesn't appear to be an appropriate attribute for that] I could make my form login page a bit smarter to include registration information if a remote user already exists, but that just feels ucky. I'm somewhat at a loss. Currently I have my build system dropping two .war files, with different web.xml files inside them. But that feels hokey Cheers, Gary --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org