Re: commit-email.pl and client certificates

From: André Malo <nd_at_perlig.de>
Date: 2005-01-27 15:06:57 CET

* "Graham Leggett" <minfrin@sharp.fm> wrote:

> Ben Collins-Sussman said:
>
> > Why don't you show us what you're doing?
> >
> > The docs (http://httpd.apache.org/docs-2.0/mod/mod_ssl.html) say that
> >
> > SSLOptions +FakeBasicAuth
>
> The above is exactly what I am doing - adding the FakeBasicAuth option to
> SSLOptions.
>
> > Sounds like you'll need a password file.
>
> Hmmm - if this is a prerequisite then httpd is broken. Issuing client
> certs and then duplicating the work by listing the client certs in a
> passwd file is extra administration we would rather avoid.

Nope. The idea behind this is to specify the particular client certs, that
are authorized to acess. You can use group and user authorization for fine
grained access control.

Hmm. mod_authn_anon in 2.1 knows about a userid wildcard (*), perhaps this
should be backported to 2.0.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Jan 27 15:08:16 2005

This message: [ Message body ]
Next message: Graham Leggett: "Re: commit-email.pl and client certificates"
Previous message: Graham Leggett: "Re: commit-email.pl and client certificates"
In reply to: Graham Leggett: "Re: commit-email.pl and client certificates"
Next in thread: Graham Leggett: "Re: commit-email.pl and client certificates"
Reply: Graham Leggett: "Re: commit-email.pl and client certificates"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]