Hello glassfish users,
I would like to use the same URL with two methods
of authentication : client certificate, and if none is supplied
then basic http.
However, this seems impossible to do since if the URL
is defined as CLIENT_CERT, then if client does not supply
its certificate, request process is aborted by glassfish
before it reaches application code (where a filter could
handle basic authentication).
I am aware of the following optional certificate feature
http://java.net/jira/browse/GLASSFISH-6935
and thought it would solve my problem.
However the main drawback is that this is defined on the
connector itself, and is thus common to all URLs : on the
client side, it triggers a certificate choice popup (or password
credentials on java webstarts) even on unauthenticated
URLs. This is not an option.
Would it be possible to do a per-url optional certificate,
may be by defining several login methods in web.xml or so.
Any advice on this topic will be appreciated, even if this is
glassfish/grizzly specific.
I have also considered JSR-196, but could not figure out
if this may solve my problem or not.
I use GF 3.1.2.2
Regards,
M .Maison