httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject DO NOT REPLY [Bug 48780] Enable mod_authnz_ldap to accept valid client certificates as sufficient authentication
Date Thu, 25 Feb 2010 01:10:58 GMT

--- Comment #4 from Peter Thomas <> 2010-02-25 01:10:56 UTC ---
(In reply to comment #2)
> IMO cert-based authn or authz belongs outside of LDAP.  LDAP could have a

I think you're right -- c.f. discussion in Bug #31418 -- we can probably fix
the behavior higher up in the stack by making the behavior of +FakeBasicAuth
more flexible.

I actually got everything "behaving" by using mod_auth_anon, but the one-line
version of the subject DN does not match the LDAP entryDN, so authorization by
mod_authnz_ldap still failed--but at least I got that far!

Configure bugmail:
------- You are receiving this mail because: -------
You are the assignee for the bug.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message