1 Reply Latest reply on Sep 19, 2007 8:50 AM by Aljaz Meznaric

    clietAuth only for specific location

    Aljaz Meznaric Newbie

      How can i enable clientAuth only for specific location? I have a problem, because our application runs on https, and we have 2 login methods.

      1. Login: Login using username and password
      2. Login: Login using password and certificate

      Our main site must be view-able to all and then the user will login how ever he wants.

      My first test was with Apache and mod_jk - it worked great. I could specify a location for witch it should request a client cert - WORKS!

      My problem is here: We have our own login auth script and we only need a request for the client certificate - not verification and anything - that is done by our script (all our certificates are in the database). I have a keystore (server cert) and truststore (ca`s). When i enable clientAuth in tomcat connector it requests client cert for all connection to localhost:8443. I need a request for client cert only for localhost:8443/something-else/

      Is this possible?

      Thank you in advance, Alja?