-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi all,
I'm investigating using Apache and SSL for (reverse) proxying HTTPS requests;
however, one of the requirements of the task is to have a strong auth
mechanism in place.
I had two ideas, both of which have lead me to a dead end:
1. Use the ProxyPass and ProxyPassReverse directives to authorize
connections, and requiring client certs to authenticate to the server.
2. Using a normal SSL page to authenticate via client certs, and using an
.htaccess file in the DocRoot of the proxy server to auth IP addresses.
Both seemed likely, and both have failed. The first because the directives
don't work as I had hoped, and the second because I can't find anywhere to
put an .htaccess file that makes sense to the <Directory proxy> section.
So, this is a two-part question: first, does anybody have any idea on how to
use .htaccess to control access to the proxy, and/or, does anybody have any
ideas on what will accomplish this task?
Thanks,
Mike
- --
| Mike Murray <[EMAIL PROTECTED]>
| Scientific Technologist http://www.nCircle.com
| nCircle Network Security 415-625-5968
| cell - 415.297.3576
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org
iD8DBQE8UZeJSZ6Dtue7Vb4RAi5kAJ9rxyn5RnAeTzC9uD3iVcCyHeQf4QCeJy6M
cVokVTq+LDvvs6nm4Il0Qnc=
=iaVc
-----END PGP SIGNATURE-----
