[mod_auth] Implement the ssl backend/method
|Missing in 1.5.x:||No|
please let me quote the commit message, which should say it all:
[mod_auth] Implement the ssl backend/method. When SSL client certificate verification if activated (even if not enforced), one can specify a given field of the certificate to be used as the username, making it possible to set access restrictions based on that username. Connecting without a certificate means a denied access to restricted paths (no username). Configuration example: ssl.verifyclient.activate = "enable" ssl.verifyclient.enforce = "disable" # more ssl-related settings auth.backend = "ssl" auth.backend.ssl.field = "SSL_CLIENT_S_DN_CN" auth.require = ( "/any-ssl-user" => ( "require" => "valid-user", "method" => "ssl" ), "/only-specific-ssl-users" => ( "require" => "user=james|user=alec", "method" => "ssl" ) ) Signed-off-by: Cyril Brulebois <email@example.com>
I've tested this successfully on 1.4.28; I've also tried to make sure misconfigurations are detected properly.
The patch applied cleanly on 1.4.32, except for the documentation file that moved under doc/outdated/.
Also available in: Atom