java tomcat ssl basic-authentication client-certificates

Is Tomcat capable of using mixed Authentication on one app (BASIC and CLIENT-CERT)?

Is it possible to secure resources of an web-application with tomcat (v. >6) using different auth-methods:

BASIC
CLIENT-CERT

I have a webapp, where some resources can be secured just using BASIC Auth. Example for Basic:

myApp/userInterface/*

But for some resources which are exposed as services I want to use Client-Cert Authentication. Example for Client-Cert:

myApp/api/*

Until now I have only found possiblities to do this per web-app in the web.xml but not on resource level.

Solution

There is no way to configure Tomcat to do this out of the box. It might be possible with 3rd party authentication libraries.

Restricting access to static methds with ArchUnit
Java day of the week from string
Populating Spinner using ArrayList in Android
Ionic Capacitor - Unknown Kotlin JVM target: 21
Singleton & Multithreading in Java
Maven version management w multiple child modules
get number of working days in specific month
Issue with Regex Pattern (split string with characters & numbers)
Why would I ever create a separate mutex/lock object?
Happens before guarantee in Volatile
android.security.KeyStoreException: Signature/MAC verification failed
array of parameterized types
JavaFX WARNING: Unsupported JavaFX configuration: classes were loaded from 'unnamed module @...'
unit test @Valid of springboot without having to spin up / mock the server
Why dec 31 2010 returns 1 as week of year?
Performance Difference of AtomicInteger vs Integer
how do i restric a float value to only one placess after decimal in kotlin android
consecutive pairs divisible by 3
How to call a service from Main application calls Spring Boot?
Setting Namespace Attributes on an Element
How to find jUnit tests in a Java project?
validate the credit card expiry date using java?
A failure occurred while executing com.android.build.gradle.internal.tasks.FinalizeBundleTask$BundleToolRunnable
Is Java completely Platform Independent?
What does it exactly mean to use @DirtiesContext annotation on a class?
Spring JBDC bad SQL grammar on PostgreSQL
Test REST APIs on a real server (without localhost )
How can I pass an array of objects in query params in postman for the post request?
Is there a way to do 24-hour format and 60-minute format in Java?
Removing files installed by previous version in Inno Setup