Müller Johannes wrote:
we want to use client authorization against LDAP using client certificates on Apache webserver 2.2. Unfortunately this is not possible with Apache webserver at the current state of development. There have been third party modules (ModXAuthLDAP, mod_authz_ldap) in the past which did this task quite well. But they haven’t been updated for years and therefore do not work with httpd newer than 2.0. Therefore my company has put some effort in developing a reasonable solution for its needs.
I think the thing that is missing is that the FakeBasicAuth option within mod_ssl should flag the request to say that a password isn't necessary.
mod_authnz_ldap (and others) should then be taught to recognise this flag within the request, and not test the password if this is the case.
Regards, Graham --
smime.p7s
Description: S/MIME Cryptographic Signature
