Sent: Tue Jun 05 2012 15:59:40 GMT-0400 (EDT)
From: Michael Ströder <email@example.com>
To: Patrick Hemmer <firstname.lastname@example.org> email@example.com
Subject: Re: ACL rule match if client certificate was used?

Patrick Hemmer wrote:
> Is there any way to create an ACL rule which will match if a client certificate was used on the connection or not?

This is usually not done via ACLs. Basically you define an appropriate authz-regexp to map the subject DN of the cert (part of authc-DN) to an LDAP entry DN (authz-DN). Then your client has to send a SASL bind request with mechanism EXTERNAL.

Ciao, Michael.

Unfortunately I'm not using SASL, I'm doing simple binds.
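
The mapping described in the reply above, sketched as a slapd.conf fragment. This is an added example, not configuration posted by anyone in the thread; the file paths, the certificate subject layout, the directory suffix and the entry names are all assumptions chosen for illustration.

```conf
# --- TLS: let slapd see and verify a client certificate --------------------
# Paths are placeholders for this example.
TLSCACertificateFile   /etc/openldap/certs/ca.pem
TLSCertificateFile     /etc/openldap/certs/server.pem
TLSCertificateKeyFile  /etc/openldap/certs/server.key

# "try": a client may connect without a certificate, but a certificate that
# is presented must verify or the session is refused. "demand" would make
# the certificate mandatory for every TLS session.
TLSVerifyClient        try

# --- Map the certificate subject DN (authc-DN) to an entry DN (authz-DN) ---
# Assumed subject layout: cn=<login>,ou=people,o=example corp,c=us
# The pattern is anchored at both ends so that a subject which merely
# contains the expected string somewhere in the middle does not match.
authz-regexp
    "^cn=([^,]+),ou=people,o=example corp,c=us$"
    "uid=$1,ou=people,dc=example,dc=com"

# --- ACLs then refer to the mapped entry DN, not to the certificate --------
# A client that binds with SASL EXTERNAL over TLS is authorized as the
# mapped entry, so ordinary by-DN rules apply to it.
access to dn.subtree="ou=people,dc=example,dc=com"
    by dn.exact="uid=provisioner,ou=people,dc=example,dc=com" write
    by users read
    by * none

# Client-side check (OpenLDAP tools, certificate and key set via the user's
# TLS_CERT / TLS_KEY options or LDAPTLS_CERT / LDAPTLS_KEY):
#   ldapwhoami -H ldaps://ldap.example.com -Y EXTERNAL
# should report the mapped DN, e.g. dn:uid=provisioner,ou=people,dc=example,dc=com
```

If `ldapwhoami` reports the raw certificate subject instead of the mapped entry, the `authz-regexp` pattern did not match the subject as slapd normalized it.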