On 10/13/05, Martin Knoblauch <spamtrap@xxxxxxxxxxxx> wrote: > Hi, > > for a secured webserver, I have the following setup/requirements > > a) HTTPS access only > b) Clients need certificate > c) for different parts of the site, I want to restrict access to > certain certificates. > > a) and b) work great. c) works mostly. I am using the SSLOption > "FakeBasicAuth" to extract the DN from the certificate and check them > against a htpasswd file. This works as expected when one of the > "valid-users" is trying to request the page. If one with a valid > certificate, but nonmatching DN comes along he is not let in (GOOD !!), > but gets the log in pop-up (BAD !!). In that case I would like to > immediately send the "forbidden" response. Is than possible at all? This is just a guess, since I have never used FakeBasicAuth, but you might try ErrorDocument 401 http://yoursite.example.com/errorpage.html This will probably generate a warning in the error_log, since 401 error documents aren't supposed to be absolute URLs. But in this case, the effect of hiding the 401 status code is exactly what you want, so you can ignore the warning. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|