[Date Prev][Date Next]
Re: SASL/EXTERNAL - why/how?
--On Monday, July 05, 2004 2:56 PM +0200 Turbo Fredriksson
"Quanah" == Quanah Gibson-Mount <firstname.lastname@example.org> writes:
>> From what I could gather, nothing else accepts a SSL
>> certificate as authentication method, so other than the LDAP
>> connection, the authentication mechanism is 'useless'... What
>> did I miss?
Quanah> I'm not quite sure what you mean here by "nothing else".
Quanah> Lots of software bits use cert authentication.
Such as? I couldn't find any (and yes, I checked google - obviosly
not with the correct search string :)...
Well, for one example, we use cert authentication with our XML Document
service, that runs via Apache and Tomcat. The cert is presented to the
Apache server, which validates the cert, and then allows access to the XML
Example from the Apache conf file:
# Remove EXP-RC2-CBC-MD5 for greater security
#SSLOptions +StdEnvVars +OptRenegotiate +ExportCertData
SSLOptions +StdEnvVars +ExportCertData
Or, you can search for "cert authentication" at Google, it comes back
Principal Software Developer
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html