On Fri, Jul 4, 2008 at 5:43 AM, Müller Johannes <[EMAIL PROTECTED]> wrote:
> Well, this would require quite big changes to all authentication modules, I
> guess.
> I think, the better way would be to skip authentication completely in
> mod_auth_basic in case the user is set in the request object, because the
> user is already authenticated somehow through mod_ssl.

Your solution 2 is not difficult at all, and you don't even really need to use a new AuthType. Simply returning OK or DECLINED from your new module's early ap_hook_check_user_id, and letting authz run as normal, is sufficient for cert-based auth.

--
Eric Covener
[EMAIL PROTECTED]
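
A self-contained model of the approach in the reply above, added here as an example and not code from the thread or from httpd: an early check_user_id hook returns OK or DECLINED, and dispatch follows httpd's run-first rule where the first hook that does not return DECLINED decides. The `request_rec` stand-in, the hook function names, the sample values, and the check against mod_ssl's `SSL_CLIENT_VERIFY` value are assumptions of this example.

```c
#include <stddef.h>
#include <string.h>

/* Stand-ins for httpd's constants and request_rec; only the fields used here. */
#define OK 0
#define DECLINED (-1)
#define HTTP_UNAUTHORIZED 401

typedef struct {
    const char *user;              /* models r->user, set earlier by the TLS layer */
    const char *ssl_client_verify; /* models mod_ssl's SSL_CLIENT_VERIFY variable */
    const char *authorization;     /* models the Authorization request header */
    int basic_ran;                 /* records whether the password hook was reached */
} request_rec;

/* Hypothetical cert module hook: accept an identity the TLS layer already verified. */
static int cert_check_user_id(request_rec *r)
{
    if (r->user == NULL || r->user[0] == '\0')
        return DECLINED;           /* no cert identity: let password auth decide */
    if (r->ssl_client_verify == NULL || strcmp(r->ssl_client_verify, "SUCCESS") != 0)
        return DECLINED;           /* never trust a name from an unverified cert */
    return OK;                     /* authenticated; authz still runs afterwards */
}

/* Simplified stand-in for a password hook; real code verifies the credentials. */
static int basic_check_user_id(request_rec *r)
{
    r->basic_ran = 1;
    return r->authorization ? OK : HTTP_UNAUTHORIZED;
}

/* Hooks in run order: the cert hook is registered early, so it runs first. */
static int (*hooks[])(request_rec *) = { cert_check_user_id, basic_check_user_id };

/* Run-first dispatch: the first hook that does not return DECLINED decides. */
int run_check_user_id(request_rec *r)
{
    for (size_t i = 0; i < sizeof hooks / sizeof hooks[0]; i++) {
        int rv = hooks[i](r);
        if (rv != DECLINED)
            return rv;
    }
    return DECLINED;
}

int main(void)
{
    request_rec r = { "CN=alice", "SUCCESS", NULL, 0 }; /* constructed sample */
    return run_check_user_id(&r);
}
```

With a verified certificate identity the password hook is never reached; an unverified or absent identity falls through to it unchanged.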
