|
I am writing some modules to do authentication
in a reverse proxy scenario.
In a userid-password authentication mechanism I can
invalid an authentication session using
$r->note_basic_auth_failure();
return Apache::AUTH_REQUIRED; In this way I can invalid the authentication
session and promt the user once more with the user-id password
dialog.
Is there a way to reach the same result
using SSL session ?
In this case the client authenticates itself
providing a digital certificate (this is done using the "SSLVerifyClient require" directive), but I dont't know how to invalid the
SSL session and how to prompt the user with the certificate dialog.
Can anyone help ?
thanks
Andrea |
