Hi, I'm looking for info on Client Ceritificate based authentication in WebSphere Portal.


The article available on following the link below has sufficient information about setting up client certificate based authentication.


http://publib.boulder.ibm.com/infocenter/wpdoc /v6r0/index.jsp?topic=/com.ibm.wp.ent.doc/wpf/certauth.html



But it has an issue in failover scenario. Grateful if anyone can advise



REQUIREMENT: I'm supposed to redirect the user to login page in case of failover. [say like when the client certificate expires / the desktop client (browser) doesn't have a certificate installed]



ISSUE: The article says that "this setup doesn't allow form-based login via username and password and switches the authentication completely to certificate based" which is evident from the couple of steps specified as a part of configuration.




1. "<login-config" should be modified to change "<auth-method>FORM</auth-method>" to "<auth-method>CLIENT-CERT</auth-method>".


Q: Can I do any configuration in this so that login page is redirected in failover scenarios




2. Another step specifies "Remove the login portlet from all pages where it is placed, for example the welcome and the login page"


Q: Can I avoid this step so that Login page could be redirected if certificate based authentication fails?




This being the case, what could be the options that I can try to redirect the user to login page when certificate based authentication fails?




Any thoughts / ideas on this would be more helpful.




cheers, vasu