Hi list.
Currently I'm running into problems configuring my glassfish v4 server /
applications the right way to realize the following scenario:
I have a couple of web services / web applications running under the
same domain. All are SSL secured, so I'm using the default
http-listener-2. Now I want to enable client certificate authentication
for one of the services (in particular a SOAP web service).
If I turn on client certificate authentication for the listener, all
apps require client certs regardless my settings in the web.xml
configurations. Turning off client certificate authentication and only
setting <auth-method> in web.xml to CLIENT-CERT doesn't also work.
Can anyone point me into the right way?
Thanks in advance,
Tobias