httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Geoffrey Young <>
Subject Re: [PATCH] set username from certificates at a more appropriate time
Date Wed, 02 Feb 2005 13:49:47 GMT

Joe Orton wrote:
> I presume this fixes #31418?  Your patch makes sense to me.  I could
> argue that it could even be done *before* the SSLRequire checking, such
> that the "username" is logged appropriately even if an SSLRequire
> triggers a 403, but I doubt that matters much.

fwiw that's the route that the auth providers took when we last looked at
this - make it possible to log the user, with the understanding that the
user might not have passed the auth process so may be completely bogus.


View raw message