https://issues.apache.org/bugzilla/show_bug.cgi?id=53459
Priority: P2
Bug ID: 53459
Assignee: dev@tomcat.apache.org
Summary: clientAuth="optional" not documented - is it valid?
Severity: normal
Classification: Unclassified
OS: All
Reporter: s...@apache.org
Hardware: All
Status: NEW
Version: unspecified
Component: Documentation
Product: Tomcat 7
The file ssl-howto.xml includes the line
clientAuth="optional" SSLProtocol="TLSv1"/>
However, the corresponding description of the clientAuth parameter in
config/http.xml does not mention "optional" as a possible parameter value, only
"true", "false", "want".
The code in util.net.jsse.JSSESocketFactory only checks for
"true", "yes" and "want"; AFAICT everthing else is treated as "false".
It looks like the entry in ssl-howto.xml is wrong.
Also, perhaps the description in http.xml should include "yes" as an alias for
"true".
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
