Thanks allot! I'm not sure I can use EE6 authenticate() as I want to be app server portable as possible. I do have full control over the java thick clients, however; is there any way for the client to force glassfish to accept a client cert?
For example, if I use SSLSocket.setNeedClientAuth(true) will that force the server to do it?
[Message sent by forum member 'suggarglider' (suggarglider)]
http://forums.java.net/jive/thread.jspa?messageID=359911