About FakeBasicAuth

About FakeBasicAuth

am 22.11.2006 10:46:35 von Luis Carlos Peinado Bravo

This is a multi-part message in MIME format.

------_=_NextPart_001_01C70E1B.19CE8406
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Hi, I'm trying to do the following. When users from the Intranet access
to the website nothing will be required but if the users come from the
Internet a client certificate will be required to use it with the basic
authentication using the FakeBasicAuth option. I did what the link
http://www.modssl.org/docs/2.8/ssl_howto.html#ToC10 says but if I come
from the Intranet a client certificate is required (if cancel it I get
access to the webste) and if I come from the Internet a login box pops
up. =20

Could you help me?


------_=_NextPart_001_01C70E1B.19CE8406
Content-Type: text/html;
charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

xmlns:w=3D"urn:schemas-microsoft-com:office:word" =
xmlns=3D"http://www.w3.org/TR/REC-html40"
xmlns:ns0=3D"urn:schemas-microsoft-com:office:smarttags">


charset=3Dus-ascii">









style=3D'mso-margin-top-alt:auto;margin-bottom:12.0pt'> size=3D3 face=3D"Times New Roman"> style=3D'font-size:12.0pt'>Hi, I’m
trying to do the following. When users from the Intranet access to the =
website
nothing will be required but if the users come from the Internet a =
client
certificate will be required to use it with the basic authentication =
using the
FakeBasicAuth option. I did what the link href=3D"http://www.modssl.org/docs/2.8/ssl_howto.html#ToC10" >http://www.m=
odssl.org/docs/2.8/ssl_howto.html#ToC10
says but if I come from the Intranet a client certificate is required =
(if cancel
it I get access to the webste) and if I come from the Internet a login =
box pops
up.  



style=3D'mso-margin-top-alt:auto;margin-bottom:12.0pt'> size=3D3 face=3D"Times New Roman"> style=3D'font-size:12.0pt'>Could
you help me?









------_=_NextPart_001_01C70E1B.19CE8406--
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: About FakeBasicAuth

am 25.11.2006 05:16:39 von Yvo van Doorn

------=_Part_68375_13569158.1164428199507
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

That seems like an odd way of doing it. Seems more like an apache issue then
anything as this can be achieved with apache's included modules (like
mod_auth and mod_access).

Something like


ServerName example.com
DocumentRoot /great/example/here


Order Allow, Deny
Deny from All
Allow from IP (like 192.168.1 or 192.168 etc)
AuthType Basic
AuthName "Example"
AuthUserFile /path/to/your/htpasswd/file
Satisfy Any




You could easily just change the port to 443 and add the necessary SSL info
to have this work on a SSL'd host.

On 11/22/06, Luis Carlos Peinado Bravo
wrote:
>
> Hi, I'm trying to do the following. When users from the Intranet access
> to the website nothing will be required but if the users come from the
> Internet a client certificate will be required to use it with the basic
> authentication using the FakeBasicAuth option. I did what the link
> http://www.modssl.org/docs/2.8/ssl_howto.html#ToC10 says but if I come
> from the Intranet a client certificate is required (if cancel it I get
> access to the webste) and if I come from the Internet a login box pops up.
>
> Could you help me?
>

------=_Part_68375_13569158.1164428199507
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

That seems like an odd way of doing it. Seems more like an apache issue then anything as this can be achieved with apache's included modules (like mod_auth and mod_access).

Something like

<VirtualHost
192.168.1.1:80>
ServerName
DocumentRoot /great/example/here

<Directory /great/example/here>
Order Allow, Deny
Deny from All
Allow from IP (like
192.168.1 or 192.168 etc)
AuthType Basic
AuthName "Example"
AuthUserFile /path/to/your/htpasswd/file
Satisfy Any
</Directory>

</VirtualHost>

You could easily just change the port to 443 and add the necessary SSL info to have this work on a SSL'd host.


On 11/22/06, Luis Carlos Peinado Bravo <> wrote:













Hi, I'm
trying to do the following. When users from the Intranet access to the website
nothing will be required but if the users come from the Internet a client
certificate will be required to use it with the basic authentication using the
FakeBasicAuth option. I did what the link http://www.modssl.org/docs/2.8/ssl_howto.html#ToC10

says but if I come from the Intranet a client certificate is required (if cancel
it I get access to the webste) and if I come from the Internet a login box pops
up.  



Could
you help me?












------=_Part_68375_13569158.1164428199507--
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org