Hi,
I was wondering if there is a way to combine client certificate authentication with an LDAP or database lookup in Apache?
What I mean is:
- Apache performs 2-way SSL handshake with user browser and if that authentication is successful, then
- Apache (some Apache module) gets the CN string from the client certificate and does an LDAP or database lookup of that certificate string, and
- If the lookup is successful, then the request gets processed normally by Apache
- If either the 2-way SSL handshake fails or the LDAP (or database) lookup fails, then Apache returns a 40x response
I've been searching (it SEEMS like this should be possible), but I haven't been able to find an "out-of-box" approach with Apache for doing this yet.
Thanks,
Jim
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|