Hi All
I'm working in a project where users can be authetificated by username/password OR
X509 certificate.
we're having problems in order to integrate both methods. We tried two lines
a) Configure server.xml in SSL connector with clientAuth="true". Users with a
valid certificate run well. Browser show a dialog asking a certificate, users select one
and can navigating without problems.
Users with basic mechanism (username/password) are excluded from ssl side.
b) Configure 2 security constraints in web.xml
mysite/cert/* -> with CLIENT-CERT
mysite/basic/* -> with BASIC
Now users with username/password can navaigate without problems, however never ask for a
certificate in mysite/cert/XXX .
Exists any way to solve this issue?
thank in advanced
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4246699#...
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...