How can i enable clientAuth only for specific location? I have a problem, because our application runs on https, and we have 2 login methods.
1. Login: Login using username and password
2. Login: Login using password and certificate
Our main site must be view-able to all and then the user will login how ever he wants.
My first test was with Apache and mod_jk - it worked great. I could specify a location for witch it should request a client cert - WORKS!
My problem is here: We have our own login auth script and we only need a request for the client certificate - not verification and anything - that is done by our script (all our certificates are in the database). I have a keystore (server cert) and truststore (ca`s). When i enable clientAuth in tomcat connector it requests client cert for all connection to localhost:8443. I need a request for client cert only for localhost:8443/something-else/
Is this possible?
Thank you in advance, Alja?
Well, we solved this with: clientAuth="want" This will ask the client to identify with certificate if he has one, if not, he will still be able to browse the website.
We used this because we had 2 different logins. One with client cert and one with user/pass. Hope this helps.