[jboss-jira] [JBoss JIRA] (WFLY-5256) HTTPS undertow listener don't request client certificate when verify-client=NOT_REQUESTED
Manuel Colchete (JIRA)
issues at jboss.org
Mon Sep 14 08:46:00 EDT 2015
[ https://issues.jboss.org/browse/WFLY-5256?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13108245#comment-13108245 ]
Manuel Colchete commented on WFLY-5256:
---------------------------------------
I'm sorry I cloned the issue and not updated the title.
The problem is that when verify-client is configured with NOT_REQUESTED, and a resource that uses CLIENT-CERT authentication is accessed, the certificate is not required and returns a 403 status.
Please see [https://developer.jboss.org/thread/262364] for details.
Thank you.
> HTTPS undertow listener don't request client certificate when verify-client=NOT_REQUESTED
> -----------------------------------------------------------------------------------------
>
> Key: WFLY-5256
> URL: https://issues.jboss.org/browse/WFLY-5256
> Project: WildFly
> Issue Type: Bug
> Components: Web (Undertow)
> Affects Versions: 8.2.0.Final
> Reporter: Manuel Colchete
> Assignee: Stuart Douglas
>
> HTTPS undertow listener has 3 options for verify-client parameter: NOT_REQUESTED (Default), REQUESTED, REQUIRED. If it is set to NOT_REQUESTED (the default), it should not require a certificate chain unless the client requests a resource protected by a security constraint that uses CLIENT-CERT authentication. But when I tried to access secured resource as first, it don't requested certificate and return HTTP status 403.
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list