Hi,
I've been trying rather unsuccessfully to write an Authen handler that
is able to detect an SSL connection and use the SSL certificate serial
as an index into a database table.
The problem I'm facing is how to discover the SSL connection information
in an Authen handler.
At a later phase, the SSL certificate is available in
$r->subprocess_env(), in various forms. I can, for example, turn on
SSLOptions +StdEnvVars and access
$r->subprocess_env("SSL_CLIENT_M_SERIAL") and get what I'd expect.
However, authenticating and authorizing in the Response phase has
several downsides. The first is that there are phases specifically for
this work. The second is that if (when) I want to replace SSL
authentication with Basic, or with JRandomAuthenModule, I'll have to
modify my Response handler, or have it do an ifthenelsifthenelse block.
So, from reading the mod_ssl source, it appears all the information I
want is attached to the request object in a pool. APR::Pool has no
manpage, I can't figure out how APR::Pool ties into the mod_perl source
code, and basically I'm completely stuck with no idea how to, or even if
I can, access this information.
Little help?
--
bje
