httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Graham Leggett" <minf...@sharp.fm>
Subject Re: FakeBasicAuth - a howto anywhere?
Date Thu, 27 Jan 2005 17:07:52 GMT
Mads Toftum said:

> Simple:
>
> SSLOptions +FakeBasicAuth
>
> And then turn on basic auth as you would for plain passwords.
> FakeBasicAuth will then act as if the user entered the certificate DN as
> user and password as password.
> There's an example in my mod_ssl talk from ApacheCon 2004 - see page 19
> of http://cvs.apache.org/~mads/ac2004/MO18mod_ssl.pdf

Read through the example - it requires a password file, which is redundant
(we already keep track of the user's identity via client cert and CRL, we
don't need to check again in a passwd file). Is there a way around this
limitation?

Regards,
Graham
--


Mime
View raw message