-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi all,
I'm investigating using Apache and SSL for (reverse) proxying HTTPS requests;
however, one of the requirements of the task is to have a strong auth
mechanism in place.
I had two ideas, both of which have lead me to a dead end:
1. Use the ProxyPass and ProxyPassReverse directives to authorize
connections, and requiring client certs to authenticate to the server.
2. Using a normal SSL page to authenticate via client certs, and using an
.htaccess file in the DocRoot of the proxy server to auth IP addresses.
Both seemed likely, and both have failed. The first because the directives
don't work as I had hoped, and the second because I can't find anywhere to
put an .htaccess file that makes sense to the <Directory proxy> section.
So, this is a two-part question: first, does anybody have any idea on how to
use .htaccess to control access to the proxy, and/or, does anybody have any
ideas on what will accomplish this task?
Thanks,
Mike
- --
| Mike Murray <[EMAIL PROTECTED]>
| Scientific Technologist http://www.nCircle.com
| nCircle Network Security
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org
iD8DBQE8UJ1WSZ6Dtue7Vb4RAsDDAJwMg0CCcY70/0ombK2ryyN7LkF1ugCfQHsy
42fEW4GwPOUph+5Jo8tQPBo=
=gyM/
-----END PGP SIGNATURE-----
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
