I'm working in a project where users can be authetificated by username/password OR X509 certificate.
we're having problems in order to integrate both methods. We tried two lines
a) Configure server.xml in SSL connector with clientAuth="true". Users with a valid certificate run well. Browser show a dialog asking a certificate, users select one and can navigating without problems.
Users with basic mechanism (username/password) are excluded from ssl side.
b) Configure 2 security constraints in web.xml
mysite/cert/* -> with CLIENT-CERT
mysite/basic/* -> with BASIC
Now users with username/password can navaigate without problems, however never ask for a certificate in mysite/cert/XXX .
Exists any way to solve this issue?
thank in advanced