Udo Rader wrote: > I am just trying to set up a X.509 client certificates + LDAP based > authorizaton system. > > I've setup all pieces best to my knowledge (mod_ssl, mod_auth_basic, > mod_auth_ldap), but I am still having problems to connect to our LDAP > server because "SSLOption FakeBasicAuth" still explicically requires > "password" as password for each user in order to successfully > authenticate against mod_auth_ldap.
Authenticate or authorise? Are you trying to authenticate the user using SSL certs, and then authorise the user using LDAP? Or do you want users to be authenticated both by SSL client certs and by LDAP? Authenticate: is the user who the user says they are? Authorise: is the user allowed to access the resource? In theory, authenticate using SSL and authorise using LDAP should work, it would be a bug if it doesn't. Authenticating against both cert and LDAP at the same time definitely doesn't work, but shouldn't be too difficult to patch. Regards, Graham --
smime.p7s
Description: S/MIME Cryptographic Signature
