I do not know if this works but I would try using mod_rewrite and rewrite / to http://[EMAIL PROTECTED]/
Where user is extracted from the x509 DN
--On Freitag, 4. Oktober 2002 8:46 Uhr +0200 [EMAIL PROTECTED] wrote:
Hello all,
I'm trying to do the following and I don't success:
I want to authenticate users against a Apache 2.0.40 proxy using SSL with client certificate authentication. Beyond the proxy, there is a Web server in militarized zone and I want to forward the X.509v3 user certificate to this Web server, in order to perform access control.
I have tried to configure the proxy with SSL and client authentication using certs and the Web server with SSL (without authentication) and, of course, this doesn't work since two different SSL contexts are established: Browser->Proxy and Proxy->SSL, so the information about the SSL channel in the Web server has nothing to do with the browser -> the server doesn't receive the user certificate.
I have also tried to configure the proxy with SSL and client authentication with certs and the Web server without SSL. This works but, obviously, the information about the SSL channel established between the browser and the proxy is not forwarded to the Web server.
I've set "SSLOptions" to "+StdEnvVars +CompatEnvVars +ExportCertData" in the proxy and I wonder if it is possible to forward the environment variables from the proxy to the Web server.
Can any of you give me any ideas?
Thanks in advance,
Miguel Ángel Peña.
pgpufiXvsM26Z.pgp
Description: PGP signature
