I have an application developed under WAS 5. It contains a web service (axis based) and a servlet framework (similar to Struts) that also uses several JSPs. I have a requirement to serve the Web Service using client authentication (obviously https). An additonal requirement is to serve the servlet and JSPs over https without client authentication. These both need to run in the same application server (for standards purposes). How does one do this? It seems to me that if I turn on Client Side authentication for the server (and yes it seems to be set at the server level correct me if I'm wronger), I can no longer access my JSPs and servlets but I can get to the web service. Obviously if I set it to a lower standard than client authentication then the web service no longer uses client side authentication. Any thoughts appreciated ...
Joined: Aug 10, 2001
If the Web Services and the JSP's/Servlets are in different Web Projects then you won't have a problem. Authentication is turned on/off in WebSphere at the Web Project (WAR) level as according to the Servlet spec. Kyle