[Moin-devel] [ moin-Patches-736885 ] Identify users using client certificates
SourceForge.net
noreply at sourceforge.net
Wed Jan 5 11:59:03 EST 2005
Patches item #736885, was opened at 2003-05-13 09:45
Message generated for change (Comment added) made by alexanderweb
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=308482&aid=736885&group_id=8482
Category: None
Group: None
Status: Open
Resolution: None
Priority: 5
Submitted By: Martin v. Löwis (loewis)
Assigned to: Thomas Waldmann (thomaswaldmann)
Summary: Identify users using client certificates
Initial Comment:
This patch allows to identifiy Moin users using SSL
client certificates. Specifically, it uses the common
name and the email address from the cerificate's
subject's distinguished name. Cookies and Moin user ids
are still used, and finding users works like this
1. If there is a cookie, use that
2. If there is no cookie, iterate over all users, and
try to find one with the same email address or where
the X.509 common name is the same as the Moin user name.
3. If no user is found, but either the email address or
the common name is set, create a new user.
This patch works only with Apache mod_ssl, as it relies
on the environment variables SSL_CLIENT_S_DN* being set.
----------------------------------------------------------------------
>Comment By: Alexander Schremmer (alexanderweb)
Date: 2005-01-05 20:58
Message:
Logged In: YES
user_id=254738
So, will someone adapt the patch to 1.3?
----------------------------------------------------------------------
Comment By: Martin v. Löwis (loewis)
Date: 2004-09-25 09:07
Message:
Logged In: YES
user_id=21627
I can certainly test it, yes.
----------------------------------------------------------------------
Comment By: Thomas Waldmann (thomaswaldmann)
Date: 2004-09-25 04:13
Message:
Logged In: YES
user_id=100649
Martin, I don't think any of the devels uses client
certificates, so we could not test it.
Would you test it if we include your patch into 1.2.x (and
later, into 1.3)?
I would make the necessary changes to adapt it to the
current version (like using request object).
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=308482&aid=736885&group_id=8482
More information about the Moin-devel
mailing list