[jboss-jira] [JBoss JIRA] (WFLY-5256) HTTPS undertow listener request client certificate despite verify-client=NOT_REQUESTED
Manuel Colchete (JIRA)
issues at jboss.org
Tue Sep 1 16:47:05 EDT 2015
Manuel Colchete created WFLY-5256:
-------------------------------------
Summary: HTTPS undertow listener request client certificate despite verify-client=NOT_REQUESTED
Key: WFLY-5256
URL: https://issues.jboss.org/browse/WFLY-5256
Project: WildFly
Issue Type: Bug
Components: Web (Undertow)
Affects Versions: 8.0.0.CR1
Reporter: Manuel Colchete
Assignee: Stuart Douglas
Priority: Minor
Fix For: 8.0.0.Final
HTTPS undertow listener has 3 options for verify-client parameter: NOT_REQUESTED (Default), REQUESTED, REQUIRED. If it is set to NOT_REQUESTED (the default), it should not require a certificate chain unless the client requests a resource protected by a security constraint that uses CLIENT-CERT authentication. But when I tried to access unsecured resource as first, it requested certificate. (It behaves same as verify-client is set to REQUESTED)
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
More information about the jboss-jira
mailing list