httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christian Gottschalch <ma...@llbc.de>
Subject Re: [users@httpd] Apache and client certs
Date Thu, 28 Dec 2006 09:53:52 GMT
if you use Apache Reverse Proxy, then SSL Session will be terminated at 
the Reverse Proxy and the SSL Authentication / verification is done by 
reverse proxy

to transport some certificate information to your WebSphere can use:

RequestHeader set "HTTP_USER_ID" %{SSL_CLIENT_S_DN_CN}e

The WebSphere Application now can authorize the user based on http 
header "HTTP_USER_ID", but your application must be able to.

You also may have a look at 
http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#forwardreverse

regards

Manuela.Vorazzo@ssb.it schrieb:
>
> Hello everyone!
> I've an apache 2.2 WebServer that is working as a reverse proxy for a 
> WebSphere application server that is on a separate machine.
>
> Now I have a web application that need an information that is included 
> in a client certificate field (OU).
>
> I would like to know if, with apache, is possible to obtain a 
> configuration where the webserver requires the client cert but doesn't 
> verify it and pass it to the application server that can verify it.
>
> I have such a configuration with IBM http Server. Here there is a 
> directive in the http server configuration file that let you specify 
> "passthrough" value for client cert.
>
>
> Please let me know!
>
> Thanks in advance
>
> Manuela Vorazzo
>  
> \   


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message