Edgewall Software

Changes between Version 2 and Version 3 of TracClientCertificates


Ignore:
Timestamp:
Sep 7, 2008, 6:52:22 AM (16 years ago)
Author:
Florian Grandel <jerico.dev@…>
Comment:

Clarification

Legend:

Unmodified
Added
Removed
Modified

  • TracClientCertificates

    v2 v3  
    3030Virtual host configuration:
    3131{{{
    32 ...
    33 SSLEngine on
     32<VirtualHost xxx.xxx.xxx.xxx:443>
     33  ...
     34  SSLEngine on
     35  ...
    3436
    35 <Location /trac>
     37  <Directory />
     38    # We have to require SSL for the whole vhost to enforce
     39    # client certificate authentication.
     40    SSLRequireSSL
     41    ...
     42  </Directory>
     43
     44  <Location /trac>
     45    # Here comes your trac CGI/FCGI/mod_python configuration
     46    ...
     47  </Location>
     48
     49  <Location /login>
     50    # We do NOT use basic authentication here. Rather than setting REMOTE_USER
     51    # through apache's HTTP authentication mechanisms we'll set it directly as
     52    # the client certificate's common name.
     53    SSLUserName SSL_CLIENT_S_DN_CN
     54  </Location>
     55
    3656  ...
    37   SSLRequireSSL
    38   ...
    39 </Location>
    40 
    41 <Location "/login">
    42   # Rather than setting REMOTE_USER through basic authentication
    43   # we'll set it directly as the client's certificate's common name.
    44   SSLUserName SSL_CLIENT_S_DN_CN
    45 </Location>
     57</VirtualHost>
    4658}}}