Index: activemq-core/src/main/java/org/apache/activemq/transport/tcp/SslTransportServer.java
===================================================================
--- activemq-core/src/main/java/org/apache/activemq/transport/tcp/SslTransportServer.java	(revision 646684)
+++ activemq-core/src/main/java/org/apache/activemq/transport/tcp/SslTransportServer.java	(working copy)
@@ -41,10 +41,10 @@
 public class SslTransportServer extends TcpTransportServer {
     
     // Specifies if sockets created from this server should needClientAuth.
-    private boolean needClientAuth = false;
+    private Boolean needClientAuth = null;
     
     // Specifies if sockets created from this server should wantClientAuth.
-    private boolean wantClientAuth = false;
+    private Boolean wantClientAuth = null;
     
     
     /**
@@ -71,21 +71,27 @@
      * in the underlying implementation.
      */
     public void setNeedClientAuth(boolean needAuth) {
-        this.needClientAuth = needAuth;
+        this.needClientAuth = new Boolean(needAuth);
     }
     
     /**
      * Returns whether client authentication should be required.
      */
     public boolean getNeedClientAuth() {
-        return this.needClientAuth;
+        if (needClientAuth == null) {
+            return false;
+        }
+        return this.needClientAuth.booleanValue();
     }
     
     /**
      * Returns whether client authentication should be requested.
      */
     public boolean getWantClientAuth() {
-        return this.wantClientAuth;
+        if (wantClientAuth == null) {
+            return false;
+        }
+        return this.wantClientAuth.booleanValue();
     }
     
     /**
@@ -95,7 +101,7 @@
      * in the underlying implementation.
      */
     public void setWantClientAuth(boolean wantAuth) {
-        this.wantClientAuth = wantAuth;
+        this.wantClientAuth = new Boolean(wantAuth);
     }
     
     /**
@@ -107,8 +113,15 @@
      */
     public void bind() throws IOException {
         super.bind();
-        ((SSLServerSocket)this.serverSocket).setWantClientAuth(wantClientAuth);
-        ((SSLServerSocket)this.serverSocket).setNeedClientAuth(needClientAuth);
+        if ((wantClientAuth !=null) && (needClientAuth != null)) {
+            throw new IOException("Invalid broker URL, you can not specify both wantClientAuth and needClientAuth.");
+        }
+        if (wantClientAuth != null) {
+            ((SSLServerSocket)this.serverSocket).setWantClientAuth(getWantClientAuth());
+        }
+        if (needClientAuth != null) {
+            ((SSLServerSocket)this.serverSocket).setNeedClientAuth(getNeedClientAuth());
+        }
     }
     
     /**