Hello, I want to secure a servlet so that you can connect to it only if you have a certificate. To do it, firstly I have setup tomcat to support https as in scenarion 3 here: http://wiki.jboss.org/wiki/Wiki.jsp?page=SSLSetup The only difference is that in server.xml, I left clientAuth="false", as I want the rest of the pages to be accessible in a normal way. Later, I configured my web applicaton as it is described here: http://docs.jboss.org/jbossas/jboss4guide/r5/html/ch8.chapter.html#d0e19521 The result I get is, when I don't have the certificate registered, it denies access, but when I have - I get an error message: HTTP Status 401 - Cannot authenticate with the provided credentials Did I miss something? -- Cheers, Adam View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3958941#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...