On Sat, Nov 09, 2002 at 02:52:54PM +0100, Florian Weimer wrote: > We are moving to client certificates for authentication on our > internal web sites. So far, we use a rather crude scheme > (all-or-nothing), but we would like to differentiate between clients > in the future. > > Is there are straightforward way to integrate certificate-based > authentication and mod_perl, i.e. access information on the client > certificate from mod_perl? A moderate performance hit is acceptable > because it's for our internal sites only.
Presumably in the worst case, you can do a FakeBasicAuth type trick (I know that this is available in Apache-SSL, I think it's available in mod_ssl too), and access the certificate DN as if it were a userid. MBM -- Matthew Byng-Maddick <[EMAIL PROTECTED]> http://colondot.net/
