to transport some certificate information to your WebSphere can use:
RequestHeader set "HTTP_USER_ID" %{SSL_CLIENT_S_DN_CN}e
The WebSphere Application now can authorize the user based on http
header "HTTP_USER_ID", but your application must be able to.
You also may have a look at http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#forwardreverse
regards Manuela.Vorazzo@xxxxxx schrieb:
Hello everyone!I've an apache 2.2 WebServer that is working as a reverse proxy for a WebSphere application server that is on a separate machine.Now I have a web application that need an information that is included in a client certificate field (OU).I would like to know if, with apache, is possible to obtain a configuration where the webserver requires the client cert but doesn't verify it and pass it to the application server that can verify it.I have such a configuration with IBM http Server. Here there is a directive in the http server configuration file that let you specify "passthrough" value for client cert.Please let me know! Thanks in advance Manuela Vorazzo\
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|