Hi:I want to setup apache to request the client certificate and setup the secure connection if the certificate is issued from any of a number of trusted CAs. Then, my handler will check the distinguished name to verify the user is known and give access with that users credentials.
I have two questions:First, this might me a stupid question, but I haven't found (or understood) how this works. When you have multiple handlers each being called in different stages of the request handling, how do you pass information from one handler to the next?
I am thinking of a separate authentication handler (not authorization as that depends on the action the user wants to do), how to I pass on authentication details to the response handler?
Second, my idea is to have one domain name, to authenticate one simply switch to https, the server should request the client certificate. Is this possible? or must I create a separate domain for secure access?
Thanks, Erik -- Ph: +34.666334818 web: http://www.locolomo.org
smime.p7s
Description: S/MIME Cryptographic Signature
