DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=38553>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=38553 [EMAIL PROTECTED] changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO ------- Additional Comments From [EMAIL PROTECTED] 2006-04-13 20:52 ------- I understand your point, and have located the relevant code: org.apache.catalina.authenticator.SSLAuthenticator line 139. However, I'm not convinced the behavior you're asking for is correct: does the RFC say 401 (instead of 400, or more generally 4xx) is *required* for the case where a request has no certificates at all? If you could point out the relevant spec part that makes this clear, we can change the code. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
