RE: Logging SSL-authenticated users

From: Sander Striker <striker_at_apache.org>
Date: 2003-05-15 10:10:54 CEST

> From: Martin v. Lowis [mailto:martin@v.loewis.de]
> Sent: Thursday, May 15, 2003 10:01 AM

> Sander Striker wrote:
> > FakeBasicAuth
> [...]
> > So apparently your certs Subject DN is empty.
>
> Notice that this conclusion, strictly speaking, is invalid:
> All the documentation says is that the standard Basic auth mechanism
> then works. It does *not* state that req->user is set to the DN,
> which is what mod_dav_svn uses.

/me looks at code...

Grmbl. Indeed, mod_ssl sets the Authorization header internally,
so you need to 'Require valid-user' aswell, otherwise r->user won't
get set.

mod_authn_ssl anyone? ;)

Sander

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu May 15 10:11:48 2003

This message: [ Message body ]
Next message: Sander Striker: "RE: Logging SSL-authenticated users"
Previous message: Martin v. Löwis: "Re: Logging SSL-authenticated users"
In reply to: Martin v. Löwis: "Re: Logging SSL-authenticated users"
Next in thread: Martin v. Löwis: "Re: Logging SSL-authenticated users"
Reply: Martin v. Löwis: "Re: Logging SSL-authenticated users"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]