Wayne, have you looked into the SSLOptions +FakeBasicAuth directive? regards, tt 317-510-5987
-----Original Message----- From: Wayne S. Frazee [mailto:[EMAIL PROTECTED] Sent: Monday, December 13, 2004 12:49 PM To: [EMAIL PROTECTED] Subject: Auth LDAP Authentication of Client SSL I am interested in constructing an environment where an identity token is stored on a user-specific hardware (eg keyfob or smartcard) and the matching token is in an LDAP directory. After looking through the Apache 2 mod_auth_ldap documentation, it occured to me that the base functionality for the check is there, so long as there isa way to pass along what cart or whatever is being used in the connection. And there is the rub. As near as I can tell, the only SSL info availible is on specifying a trusted CA for cert origination in the case of an ldaps-based identity query, NOT for client verification and authentication. Do the mod_auth_ldap directives somehow allow me to do an X509 client cert/token match? -- -------------------- Wayne S. Frazee "Any sufficiently developed bug is indistinguishable from a feature."
ATT00011.dat
Description: PGP signature
