[horde] Horde authentication with client SSL digital certificates

[Jan Schneider]

Zitat von Cliff Green <green at umdnj.edu>:

> On Jun 4 at 10:23pm, Fabio Pietrosanti wrote:
>
> FP> I would like to know about which can be modules that would need to be
> FP> modified in order to be able to authenticate users with client side SSL
> FP> certificates.
> FP>
> FP> Are there some quick hack to implement such kind of functionality?
>
> You should be able to use the Basic Auth backend.  Apache, for example,
> uses the 'FakeBasicAuth' directive to permit this (see below), and *I'm
> going to assume you're using Apache* - these comments probably won't help
> if you're not.  You may have to use 'plain' as the password encryption
> type (dunno, haven't tried this with Horde), but if you're using Apache as
> your webserver, you would setup authentication within either the virtual
> host or directory directive stanza for your Horde services.  You should
> read the SSL/TLS Strong Encryption How-To in the Apache man pages,
> specifically looking for Client Authentication, since YMMV.  After that,
> you'll have to work out some kind of hook to allow authentication to your
> mail backend (I'm assuming some other service, like imap, since you didn't
> go into any detail about the relationship between your Horde server and
> what services you're offering).
>
> However, we've used the following directives successfully:

Can you create a wiki page on wiki.horde.org with this information?  
Might be useful for others too.

Jan.

-- 
Do you need professional PHP or Horde consulting?
http://horde.org/consulting/