httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "TAYLOR, TIM \(CONTRACTOR\)" <TIM.TAY...@DFAS.MIL>
Subject FW: Auth LDAP Authentication of Client SSL
Date Mon, 13 Dec 2004 18:26:59 GMT
Wayne,
  have you looked into the SSLOptions +FakeBasicAuth directive?

regards,
tt
317-510-5987

-----Original Message-----
From: Wayne S. Frazee [mailto:wfrazee@wynweb.net]
Sent: Monday, December 13, 2004 12:49 PM
To: dev@httpd.apache.org
Subject: Auth LDAP Authentication of Client SSL


I am interested in constructing an environment where an identity token
is 
stored on a user-specific hardware (eg keyfob or smartcard) and the
matching 
token is in an LDAP directory.  After looking through the Apache 2 
mod_auth_ldap documentation, it occured to me that the base
functionality for 
the check is there, so long as there isa way to pass along what cart or 
whatever is being used in the connection.  

And there is the rub.  As near as I can tell, the only SSL info
availible is 
on specifying a trusted CA for cert origination in the case of an
ldaps-based 
identity query, NOT for client verification and authentication.

Do the mod_auth_ldap directives somehow allow me to do an X509 client 
cert/token match?
-- 
--------------------
Wayne S. Frazee
"Any sufficiently developed bug is indistinguishable from a feature."

Mime
View raw message