Matthew Byng-Maddick <[EMAIL PROTECTED]> writes: >> Is there are straightforward way to integrate certificate-based >> authentication and mod_perl, i.e. access information on the client >> certificate from mod_perl? A moderate performance hit is acceptable >> because it's for our internal sites only. > > Presumably in the worst case, you can do a FakeBasicAuth type trick (I > know that this is available in Apache-SSL, I think it's available in > mod_ssl too), and access the certificate DN as if it were a userid.
Hmm, this is a bit lame, but it might do the job, yes. I had incorrectly assumed that a separate file listing the DN -> user name mapping was required, but this doesn't seem to be the case. -- Florian Weimer [EMAIL PROTECTED] University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ RUS-CERT fax +49-711-685-5898
