I have an application developed under WAS 5. It contains a web service (axis based) and a
servlet framework (similar to
Struts) that also uses several JSPs.
I have a requirement to serve the Web Service using client authentication (obviously https). An additonal requirement is to serve the servlet and JSPs over https without client authentication. These both need to run in the same application server (for standards purposes). How does one do this?
It seems to me that if I turn on Client Side authentication for the server (and yes it seems to be set at the server level correct me if I'm wronger), I can no longer access my JSPs and servlets but I can get to the web service. Obviously if I set it to a lower standard than client authentication then the web service no longer uses client side authentication.
Any thoughts appreciated ...