httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Graham Leggett <>
Subject SSLUserName -> mod_auth_user
Date Mon, 21 Apr 2014 11:38:48 GMT
Hi all,

Right now, we have the SSLUserName directive, which takes an arbitrary SSL variable and turns
it into a username for the benefit of the request. This has the downside that only SSL variables
(and some CGI variables) are usable as usernames, and it combines with FakeBasicAuth to create
undesirable side effects.

What would be cleaner is if we deprecate SSLUserName and create a mod_auth_user.c module that
declares AuthType User, and then offers a AuthUser directive that sets the user based on an
arbitrary expression from ap_expr.h. This will make client certificates easier to work with,
and provide options for authentication that aren't based purely on logins, such as tokens
in URLs, etc.



View raw message