You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@tomcat.apache.org by bu...@apache.org on 2011/04/08 23:52:31 UTC

DO NOT REPLY [Bug 34868] allow to register a trust store for a session that becomes effective before CLIENT-CERT auth is executed on requests

https://issues.apache.org/bugzilla/show_bug.cgi?id=34868

Mark Thomas <ma...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|ASSIGNED                    |RESOLVED
         Resolution|                            |WONTFIX

--- Comment #11 from Mark Thomas <ma...@apache.org> 2011-04-08 17:52:28 EDT ---
Per session trust managers can't possibly work since the SSL connection has to
be established before the client can send any data that would identify the
session in which to look for the trust manager. I am therefore resolving this
as WONTFIX.

However, it is worth noting the Tomcat 7 (as a result of fixing bug 48208) now
supports custom trust managers which should be sufficient to meet any
requirement not meet by the standard trust manager.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org