Thanks for the reply Tom. I have an application in JBoss setup with a CLIENT_CERT mode of authentication. When a user tries to access a secure URL, the JAAS login modules kicks off, captures the client certificate and extracts the CN data from it for authorization. With the current setup, I cannot change the authentication to read from HTTP headers. I was just hoping that there may be some apache module that can pass along the client cert as is.
Thanks, Yasser On Thu, Mar 3, 2011 at 12:45 PM, Tom Evans <tevans...@googlemail.com> wrote: > On Thu, Mar 3, 2011 at 5:12 PM, yasser arafat <yarafa...@gmail.com> wrote: > > Hello all, > > > > My JBoss app server has mutual SSL authentication setup (We do some > > processing based on the client certificate). > > > > I need to have a web server in front of JBoss. Which is the best apache > > module that can do an SSL passthrough to JBoss? > > > > > > > > Thank and regards, > > > > Yasser > > > > > > There is no such thing as SSL pass through - SSL is an end to end > encryption protocol, there can be no middle. > > You can do SSL termination on apache and forward the appropriate > sections of the client certificate through to jboss as custom HTTP > headers. You cannot do SSL termination on apache and re-present the > client certificate to jboss. > > Cheers > > Tom > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > " from the digest: users-digest-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > >