On 17 Jul 2013, at 4:44 PM, Eric Covener <cove...@gmail.com> wrote: > All of the client-cert-as-basic-auth-substitute mechanisms we have > require you to check the dummy password with a "real" > authbasicprovider. > > Now that we have the expression parser and AuthBasicFake, would anyone > be interested in a AuthBasicProvider that accepted any user with a > valid client certificate? Anyone with big concerns? > > I know there are some other efforts/interest in this area that predate > the expression parser and AuthBasicFake -- so those had to be more > complex. > > I think I need this to deprecate a proprietary module, and I don't > want to replace it with a proprietary (albeit simple) > AuthBasicProvider.
+1. I would add this to mod_ssl though, rather than trying to make something like mod_auth_basic aware of this. Regards, Graham --