clietAuth only for specific location

ameznaric Aug 22, 2007 7:53 AM

How can i enable clientAuth only for specific location? I have a problem, because our application runs on https, and we have 2 login methods.

1. Login: Login using username and password
2. Login: Login using password and certificate

Our main site must be view-able to all and then the user will login how ever he wants.

My first test was with Apache and mod_jk - it worked great. I could specify a location for witch it should request a client cert - WORKS!

My problem is here: We have our own login auth script and we only need a request for the client certificate - not verification and anything - that is done by our script (all our certificates are in the database). I have a keystore (server cert) and truststore (ca`s). When i enable clientAuth in tomcat connector it requests client cert for all connection to localhost:8443. I need a request for client cert only for localhost:8443/something-else/

Is this possible?

Thank you in advance, Alja?

1. Re: clietAuth only for specific location

ameznaric Sep 19, 2007 8:50 AM (in response to ameznaric)

Well, we solved this with: clientAuth="want" This will ask the client to identify with certificate if he has one, if not, he will still be able to browse the website.
We used this because we had 2 different logins. One with client cert and one with user/pass. Hope this helps.
Actions