[jaxrs-dev] SeBootstrap.SSLClientAuthentication Clarification

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

[jaxrs-dev] SeBootstrap.SSLClientAuthentication Clarification

From: James Perkins <jperkins@xxxxxxxxxx>
Date: Tue, 8 Mar 2022 12:11:00 -0800
Delivered-to: jaxrs-dev@xxxxxxxxxxx
List-archive: <https://www.eclipse.org/mailman/private/jaxrs-dev/>
List-help: <mailto:jaxrs-dev-request@eclipse.org?subject=help>
List-subscribe: <https://www.eclipse.org/mailman/listinfo/jaxrs-dev>, <mailto:jaxrs-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://www.eclipse.org/mailman/options/jaxrs-dev>, <mailto:jaxrs-dev-request@eclipse.org?subject=unsubscribe>

Hello All,

I'm trying to understand the usage of SSLClientAuthentication. The 3 options are NONE, OPTIONAL and MANDATORY. There is nothing in the specification about it, but the JavaDoc says:

"Secure socket client authentication policy

This policy is used in secure socket handshake to control whether the server requests client authentication, and whether successful client authentication is mandatory (i. e. connection attempt will fail for invalid clients)."

What I don't really understand is what is the use-case for an invalid client certificate? It seems a bit odd to me to allow invalid client certs, but I might just be missing some use-case.

James R. Perkins

JBoss by Red Hat

Follow-Ups:
- Re: [jaxrs-dev] SeBootstrap.SSLClientAuthentication Clarification
  - From: Markus Karg
- Re: [jaxrs-dev] SeBootstrap.SSLClientAuthentication Clarification
  - From: Christian Kaltepoth

Prev by Date: Re: [jaxrs-dev] [External] : Milestone Release
Next by Date: Re: [jaxrs-dev] SeBootstrap.SSLClientAuthentication Clarification
Previous by thread: [jaxrs-dev] Milestone Release
Next by thread: Re: [jaxrs-dev] SeBootstrap.SSLClientAuthentication Clarification
Index(es):
- Date
- Thread

Breadcrumbs