Authentication handling to access a Web Service

Hello,

I have to deploy experimental web services and to limit their access to a=20
limited (but varying) list of people (well, computers). The web services ar=
e=20
developed in C++ using gsoap.

The solution used is to hide the services behind an Apache server using=20
mod_proxy to redirect queries to the services.

The authentication is handled through mod_ssl asking to present a certifica=
te=20
and filtering users on their DN.

Everything works but I'm not administrator of the Apache server. Thus, I=20
cannot edit myself the virtual host SSLRequire definition. I have to ask to=
=20
the administrator through a somewhat long process.

We think that we could place the SSLRequire in a .htaccess of a folder I wo=
uld=20
have the rights on, the mod_proxy handled folders being subfolders of this=
=20
one. The problem here is that the proxying is applied before the SSL=20
certificate verification.

Is there a way to allow me to modify the authorized certificates list witho=
ut=20
having full administrative rights ?

Thanks in advance.

Regards,

Gaël

PS: below are some parts of my configuration files
mod_proxy.conf
ProxyPass /a/service http://localhost:10001/

/etc/httpd/conf/vhosts.d/01_default_ssl_vhost.conf
SSLVerifyClient require
SSLVerifyDepth 10

a/.htaccess
SSLRequireSSL
SSLRequire ( %{SSL_CLIENT_S_DN_CN} =3D~ m/MY CN/ )

=2D-=20
Gael de Chalendar
CEA-LIST
Centre de Fontenay-aux-Roses
Laboratoire d'Ingénierie de la Connaissance Multimédia Multilingu=
e (LIC2M)
(Multimedia and Multilingual Knowledge Engineering Laboratory)
Bat. 38-2 ; 18, rue du Panorama ; BP 6
92265 Fontenay aux Roses Cedex ; France
Tél.:01.46.54.80.18 ; Fax.:01.46.54.75.80
Email : Gael.D.O.T.de-Chalendar.A@T.cea.D.O.T.fr
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org