> To be honest, I don't know if "ssl" gets set in the other
> contexts. I don't
> think so. I haven't found it, but of course that doesn't mean it isn't
> there. I know it DOES get set for the client->ctx. If you
> want to look at
> it, it gets set in the ssl_hook_NewConnection function of
> ssl
> -Original Message-
> From: Harrington, Thomas [mailto:[EMAIL PROTECTED]]
> Sent: April 09, 2001 2:39 PM
> To: '[EMAIL PROTECTED]'
> Subject: RE: SSL validation
>
>
> > From: Hansknecht, Deborah A [mailto:[EMAIL PROTECTED]]
> > Sent: Mon
> From: Hansknecht, Deborah A [mailto:[EMAIL PROTECTED]]
> Sent: Monday, April 02, 2001 8:44 AM
> To: '[EMAIL PROTECTED]'
> Subject: RE: SSL validation
>
>
> In an authentication module, I wanted to be sure that the server was
> properly configured before even
I'm facing a similar problem. I'm developing a module for Apache (also IIS
and IPlanet) that should validate clients using their certificates against
a directory (LDAP).
The problem with Apache + mod_ssl is that mod_ssl does't 'export' any of
the session variables until late in the fixup stage.
Manne Anliot wrote:
>
> IIS (and IPlanet) has built-in SSL support, no extra modules needed.
To put it another way: Apache has removeable SSL functionality - users
who don't want SSL can run a streamlined server with a smaller memory
footprint. No unnecessary modules need be included.
> haven'
l 2001 11:09
To: [EMAIL PROTECTED]
Subject: Re: SSL validation [solved]
Manne Anliot wrote:
>
> Someone proposed to just parse https from the uri. I can't see how that is
> possible since the webserver only gets "GET /yadda.html HTTP/1.1" from the
> client.
Oops - t
Manne Anliot wrote:
>
> Someone proposed to just parse https from the uri. I can't see how that is
> possible since the webserver only gets "GET /yadda.html HTTP/1.1" from the
> client.
Oops - that was me. I wasn't thinking too straight and confused the
"referer" with the uri (the referer field
" from the
client. The url is based on the document root that is.
Thank you all,
Manne Anliot.
-Original Message-
From: Hansknecht, Deborah A [mailto:[EMAIL PROTECTED]]
Sent: den 2 april 2001 16:44
To: '[EMAIL PROTECTED]'
Subject: RE: SSL validation
In an authentication mo
--- Manne Anliot <[EMAIL PROTECTED]> wrote:
> Hi all,
>
> New to mod_ssl I've stumled upon a very disturbing problem: I'm
> coding an Apache module that needs to know whether we have a secure
> (SSL) connection or not in the URI Translation phase. We've solved
> this problem on for example MS II
SL Connection - Ker
uthentication not allowed");
return HTTP_FORBIDDEN;
Maybe it will help.
Deborah Hansknecht
Sandia National Laboratories
[EMAIL PROTECTED]
505 844-6532
> -Original Message-
> From: Manne Anliot [mailto:[EMAIL PROTECTED]]
> Sent: April 02, 2001 4:41 AM
> To
Manne Anliot wrote:
> So in short: How can a module check if the current request is a secure one?
> (without workarounds à la specifying secure ports in configuration files
> etc)
Why is this a "workaround"? This is exactly how SSL is supposed to work.
If you set up a separate VirtualHost on port
Hi all,
New to mod_ssl I've stumled upon a very disturbing problem: I'm coding an
Apache module that needs to know whether we have a secure (SSL) connection
or not in the URI Translation phase. We've solved this problem on for
example MS IIS by checking SSI/CGI environments with the standard SSL
12 matches
Mail list logo
