Thanks Boyle,
I have read the document and did some googling. I am using version
2.0.49 and wrote the below config to achive my goal :
RewriteEngine On
RewriteOptions MaxRedirects=10
RewriteLog "/home/alpayo/rewrite.log"
RewriteLogLevel 5
RewriteCond %{ENV:SSL_CLIENT_S_DN} (.*)
RewriteRule .* - [E=FORWARD_CERT:%1]
RequestHeader add APACHE_CLIENT_CERT_HARD %{FORWARD_CERT}e
After this config, I see from tomcat side that APACHE_CLIENT_CERT_HARD
is added to http headers but its value is null and I could not find
anything to overcome this problem. And nothing is written to the log
file in /home/alpayo/rewrite.log.
Does anybody have a solution for this?
Thanks and Regards,
Alpay
2005/10/25, Boyle Owen <[EMAIL PROTECTED]>:
> > -----Original Message-----
> > From: Alpay Ozturk [mailto:[EMAIL PROTECTED]
> > Sent: Dienstag, 25. Oktober 2005 09:56
> > To: [email protected]
> > Subject: [EMAIL PROTECTED] Pass client certificate thorough
> > apache to tomcat
> >
> >
> > Hi All,
> >
> > I have set up apache and tomcat where ssl requests are handled at
> > apache and requests are forwarded to tomcat behind. Apache is handling
> > the ssl issues and also requesting a client certificate. No problem so
> > far, server and client certificates are exchanged during ssl session
> > setup. What I need to do is to forward some of the information in the
> > client certificate from apache to tomcat since application running on
> > Tomcat needs this information. Can you guide me where to start?
>
> Probably you want to grab the info as environment variables in apache and
> then pass them to Tomcat: See
>
> http://www.modssl.org/docs/2.8/ssl_reference.html#ToC25
> http://httpd.apache.org/docs/1.3/env.html#using
>
> Rgds,
> Owen Boyle
> Disclaimer: Any disclaimer attached to this message may be ignored.
>
> >
> > Thanks,
> >
> > Alpay
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP
> > Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > " from the digest: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
> Diese E-mail ist eine private und persönliche Kommunikation. Sie hat keinen
> Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This e-mail is of a
> private and personal nature. It is not related to the exchange or business
> activities of the SWX Group. Le présent e-mail est un message privé et
> personnel, sans rapport avec l'activité boursière du Groupe SWX.
>
>
> This message is for the named person's use only. It may contain confidential,
> proprietary or legally privileged information. No confidentiality or
> privilege is waived or lost by any mistransmission. If you receive this
> message in error, please notify the sender urgently and then immediately
> delete the message and any copies of it from your system. Please also
> immediately destroy any hardcopies of the message. You must not, directly or
> indirectly, use, disclose, distribute, print, or copy any part of this
> message if you are not the intended recipient. The sender's company reserves
> the right to monitor all e-mail communications through their networks. Any
> views expressed in this message are those of the individual sender, except
> where the message states otherwise and the sender is authorised to state them
> to be the views of the sender's company.
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> " from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
