shibboleth-dev - RE: 2.0 IdP w/NO apache, security policy fails
Subject: Shibboleth Developers
List archive
- From: "Scott Cantor" <>
- To: <>
- Subject: RE: 2.0 IdP w/NO apache, security policy fails
- Date: Wed, 12 Dec 2007 14:07:15 -0500
- Organization: The Ohio State University
> Don't know if that's the issue here, but could be. Maybe the Tomcat
> SSL/TLS config is causing Tomcat to require the cert (from the browser
> perspective), as where our standard Apache config doesn't?
I think that's the key point here. Can Tomcat have different client auth
rules for different ports?
Regardless, should this be "fatal" anyway? My client auth rule doesn't fail
a request if it can't validate the cert, it just doesn't set the secure flag
in the policy for that request.
-- Scott
- 2.0 IdP w/NO apache, security policy fails, Steven_Carmody, 12/12/2007
- RE: 2.0 IdP w/NO apache, security policy fails, Scott Cantor, 12/12/2007
- RE: 2.0 IdP w/NO apache, security policy fails, Steven_Carmody, 12/12/2007
- Re: 2.0 IdP w/NO apache, security policy fails, Brent Putman, 12/12/2007
- RE: 2.0 IdP w/NO apache, security policy fails, Scott Cantor, 12/12/2007
- Message not available
- Re: 2.0 IdP w/NO apache, security policy fails, Brent Putman, 12/12/2007
- RE: 2.0 IdP w/NO apache, security policy fails, Scott Cantor, 12/12/2007
- Re: 2.0 IdP w/NO apache, security policy fails, Brent Putman, 12/12/2007
- Re: 2.0 IdP w/NO apache, security policy fails, Steven_Carmody, 12/12/2007
- RE: 2.0 IdP w/NO apache, security policy fails, Scott Cantor, 12/12/2007
- RE: 2.0 IdP w/NO apache, security policy fails, Steven_Carmody, 12/13/2007
- RE: 2.0 IdP w/NO apache, security policy fails, Scott Cantor, 12/12/2007
- Re: 2.0 IdP w/NO apache, security policy fails, Brent Putman, 12/12/2007
- RE: 2.0 IdP w/NO apache, security policy fails, Steven_Carmody, 12/12/2007
- RE: 2.0 IdP w/NO apache, security policy fails, Scott Cantor, 12/12/2007
Archive powered by MHonArc 2.6.16.