You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by atul <te...@yahoo.com> on 2007/06/18 23:51:09 UTC

client ssl renegotiation after invalidating session

Is there a way in tomcat to re-negotiate client certificate after the http session has been invalidated (it had been successfully authenticated once before) in the app. i.e. without closing and starting a new client browser.
I tried accessing request attributes javax.servlet.request.X509Certificate and org.apache.coyote.request.X509certificate,
but it did not work.

I guess the old ssl socket is still around and tomact just returns the old authenticated client certificate without going to the browser. I have to restart the browser to get the client cert again.

* I need tomcat to ask for the client cert again (renegotiate) from the browser without restarting a new one. *

Any prompt help is really appreciated.


Thanks,


       
____________________________________________________________________________________
Get the free Yahoo! toolbar and rest assured with the added security of spyware protection.
http://new.toolbar.yahoo.com/toolbar/features/norton/index.php

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org