[
https://issues.apache.org/jira/browse/TS-1584?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13502288#comment-13502288
]
Igor Galić commented on TS-1584:
--------------------------------
+1
--
Sent from my Android phone with K-9 Mail. Please excuse my brevity.
> Exposing client SSL certificate verification result in plugin API
> ------------------------------------------------------------------
>
> Key: TS-1584
> URL: https://issues.apache.org/jira/browse/TS-1584
> Project: Traffic Server
> Issue Type: Improvement
> Components: SSL, TS API
> Affects Versions: 3.3.4
> Reporter: Thach Tran
> Priority: Minor
> Labels: patch
> Attachments:
> 0001-Exposing-client-ssl-certificate-verification-result-.patch
>
>
> I'm writing an authentication plugin for traffic server and would like to
> implement the following logic:
> * If the client supplies valid certificate over ssl, allow the transaction
> to proceed with no further authentication.
> * Otherwise challenge the client with username/password authentication.
> Currently if I turn on client certificate checking in TS
> (proxy.config.ssl.client.certification_level > 0), the result of the client
> certificate verification happens at the SSLNetVConnection level and plugin
> hooks have no knowledge of this. This makes implementing the aforementioned
> logic not possible.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
