Hi All

I'm working in a project where users can be authetificated by username/password OR X509 certificate.

we're having problems in order to integrate both methods. We tried two lines

a) Configure server.xml in SSL connector with clientAuth="true". Users with a valid certificate run well. Browser show a dialog asking a certificate, users select one and can navigating without problems.

Users with basic mechanism (username/password) are excluded from ssl side.

b) Configure 2 security constraints in web.xml
mysite/cert/* -> with CLIENT-CERT
mysite/basic/* -> with BASIC

Now users with username/password can navaigate without problems, however never ask for a certificate in mysite/cert/XXX .

Exists any way to solve this issue?

thank in advanced