[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: short user names with ssl client certs?

From: Dominic Mitchell <dom_at_happygiraffe.net>
Date: 2005-01-21 21:35:10 CET

On Fri, Jan 21, 2005 at 05:26:46PM +0100, Andreas Jellinghaus wrote:
> Hi,
>
> I'd like to use apache with ssl and client certificates for
> authentication. Unfortunalty I created the certificates so
> far with my full name in CN and my email address in E=.
>
> Can I somehow map the long string (provided by FakeBasicAuth)
> to something short that will show up in the svn log?
>
> for example map "/CN=Andreas
> Jellinghaus/emailAddress=aj@dungeon.inka.de" to "aj" ?

You should be able to use a small mod_perl2 handler to fix this.
Assuming you've got mod_perl2 installed that is. Something like this
might work (untested).

    # FixupFakeBasicAuth.pm
    package FixupFakeBasicAuth;
    use strict;
    use mod_perl 1.99_12;
    use Apache::Const -compile => qw( OK );
    use Apache::RequestRec ();

    # Pull out the username from the email and set it to be the
    # username.
    sub handler {
        my $r = shift;
        my ( $uid ) = $r->user =~ m/emailAddress=([^@]+)@/i;
        $r->user( $uid ) if $uid;
        return Apache::OK;
    }
    1;

You need to configure it like this:

    PerlModule Apache2
    PerlModule FixupFakeBasicAuth
    <Location /svn>
        PerlFixupHandler FixupFakeBasicAuth
    </Location>

-Dom

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Jan 21 21:37:35 2005

This is an archived mail posted to the Subversion Users mailing list.