[cas-dev] More login flow gotchas
Stephen A. Cochran
stephen.a.cochran at Dartmouth.EDU
Tue Jun 27 09:21:55 EDT 2006
On Jun 27, 2006, at 9:15 AM, Velpi wrote:
> note that IE is a party crasher when you set the http connector to
> clientAuth="want" as that will popup the (empty) list for all users
> not having a
> cert, which is most likely the largest group at the moment. That
> option is also
> configurable though:
> "Don't prompt for client certificate selection when no certificates
> or only one
> certificate exists"
> It's disabled by default. I wonder why MS didn't put that at
> enabled by default,
> ah well...
This isn't true any more actually. Lots of browsers had problems when
setting SSLClientVerify (apache option at least) to optional. Safari
before 10.3.4 or something like that. IE for a while.
But current versions of IE, Firefox, Opera, Safari, and Konquerer all
seem to handle it fairly gracefully. Anyone that wants to test a
specific browser let me know, I have sites you can hit.
Steve
More information about the cas-dev
mailing list