[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Announcing mod_ssl_user

From: Martin v. Löwis <martin_at_v.loewis.de>
Date: 2003-06-20 20:34:48 CEST

Mukund <mukund@tessna.com> writes:

> Personally, I would like an option to use an extension to specify
> the username in client certificates rather than fields in the subject DN.
> This is because we already use the fields in the subject DN (CN to indicate
> the real name of the person for example).

Well, we have apparently different ideas of what a user name is. To
me, the "real name of the person" is a much better user name than
any "username". For example, having the real name of the person show
up in 'svn log' is much better than having its userid being logged.

So I set

SSLUserName SSL_CLIENT_S_DN_CN

in httpd.conf, and get all users logged with their real names. Why
would I want to log account names instead?

> Does mod_ssl support reading extension fields into environment variables?

There is an environment variable copying the entire certificate, if
you want that. Copying specific extension fields is not supported.

Regards,
Martin

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Jun 20 20:35:54 2003

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.