If I include
<webAppSecurity overrideHttpAuthMethod="CLIENT_CERT"/>
in my definitions it prompts for userid and password.
I think this is ignored for a web browser and z/OS explorer..
How can I check to see if this works? If I put in invalid values - it complains
The following work fine
<ssl clientAuthentication="false"
clientAuthenticationSupported="false"
regards
Colin