[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SSL Authentication



Hi Phil;

On 9/24/07, White, Phil <..hidden..> wrote:
Hi.

I've been playing around with LSMB for a while. Being the paranoid that
I am, and not really wanting to let the world-at-large even to be able
to access the login page, I have now managed to limit access to the
.ledger directory by requiring users to have an SLL certificate (I am
using FakeBasicAuth).

Question:
Each user is uniquely identified by their SSL certificate. Does anyone
have any ideas on how I can automatically pull this username into the
LSMB login screen (therefore *preventing* a login under a different
username), and get the user to enter a password only?

I don't know how to do this directly.  I would, however, take a look at the HTTP environment variables and see what you can find there.  Our login system will be changing (fortunately) in 1.3, so you may wish to wait for that.

Best Wishes,
Chris Travers
 

Best regards,

Phil.

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2005.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Ledger-smb-users mailing list
..hidden..
https://lists.sourceforge.net/lists/listinfo/ledger-smb-users