Can anyone explain to me why the following doesn't work:
satisfy any
#
# 500 error and nothing in the error log unless AuthType
# is also set -- even through we're not using that sort of
# authentication.
#
AuthType basic
<LIMIT GET>
order deny,allow
deny from all
# allow from a bunch of addresses
</LIMIT>
<IfDefine SSL>
SSLRequire %{SSL_CLIENT_I_DN_O} eq "MIT Laboratory for Computer Science"
#SSLOptions +FakeBasicAuth
</IfDefine>
There is an SSLRequireSSL in the SSL vhost section of the main config
file, but the results seem to be the same both with and without. The
version I am using is apache+mod_ssl-1.3.26+2.8.10 with system OpenSSL
0.9.6e.
In case it's not obvious, this is intended to allow anyone with a
certificate issued by our CA (when using SSL) or certain local
addresses (when not using SSL). FakeBasicAuth is not useful to us in
this situation as the whole purpose of doing the certificate thing is
to avoid us having to distinguish or keep track of individual users.
-GAWollman
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
