Re: Client Authentication and Access Control
This is a discussion on Re: Client Authentication and Access Control within the Modssl Users forums, part of the Web Server and Related Forums category; Joe Orton wrote: > On Fri, Jun 03, 2005 at 08:56:56AM +0200, Øyvin Sømme wrote: > >&...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
06-14-2005
|
|||
|
|||
Re: Client Authentication and Access Control
Joe Orton wrote:
> On Fri, Jun 03, 2005 at 08:56:56AM +0200, Øyvin Sømme wrote: > >>Method 2 (SSLRequire): >> >> The user-id field is just '-'. >> >>Can I somehow configure apache/mod_ssl to only store certain elements of >>the DN (e.g. the CN in the DN) as the user-id in the access-log? > > > mod_ssl in httpd 2.0 supports the "SSLUsername" directive which allows > this: > > http://httpd.apache.org/docs-2.0/mod...ml#sslusername > > Regards, > > joe > __________________________________________________ ____________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List modssl-users@modssl.org > Automated List Manager majordomo@modssl.org Thanks for a very good suggestion. Seems to be just what I need. So I tried to use the directive 'SSLUserName SSL_CLIENT_S_DN_CN' inside the <IfDefine SSL> </IfDefine> context. This resulted in *no* change in my log files, the user-id field was still '-'. Any idea why it didn't work? Regards Øyvin __________________________________________________ ____________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager majordomo@modssl.org 
|
Linear Mode
