All of the client-cert-as-basic-auth-substitute mechanisms we have require you to check the dummy password with a "real" authbasicprovider.
Now that we have the expression parser and AuthBasicFake, would anyone be interested in a AuthBasicProvider that accepted any user with a valid client certificate? Anyone with big concerns? I know there are some other efforts/interest in this area that predate the expression parser and AuthBasicFake -- so those had to be more complex. I think I need this to deprecate a proprietary module, and I don't want to replace it with a proprietary (albeit simple) AuthBasicProvider. -- Eric Covener cove...@gmail.com
