You are viewing a plain text version of this content. The canonical link for it is here.
Posted to apache-bugdb@apache.org by Kensaku Masuda <gr...@greg.rim.or.jp> on 1999/12/01 16:06:27 UTC
mod_jserv/5402: getRemoteUser() and AuthType() dose not handle pure X.509 authentication
>Number: 5402
>Category: mod_jserv
>Synopsis: getRemoteUser() and AuthType() dose not handle pure X.509 authentication
>Confidential: no
>Severity: critical
>Priority: medium
>Responsible: jserv
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Wed Dec 1 07:10:03 PST 1999
>Last-Modified:
>Originator: greg@greg.rim.or.jp
>Organization:
apache
>Release: 1.3.9
>Environment:
Running with mod_ssl and mod_jserv
>Description:
mod_ssl and mod_jserv are loaded into apache. And protected
by "Require" statement in HTTPS.
In this case, the servlet can not get authenticate information by
getRemoteUser()/AuthType(). jserv have better to give it SSL_*
enviroment values.
>How-To-Repeat:
See description
>Fix:
I can offer few patches. This patches are written for mod_jserv 1.0 release.
Please marge to future or latest release.
begin 664 patch.gz
M'XL(`+TV13@"`Z5286^;,!#]3'[%C2\C(>"0+6I)UXFN1<JZM*L"T;9/R"-7
M0DI,:@-3-?6_SV"0FFE=%\T29V.?WWOG=Y9E@>`QV="*DIPGA.YHO$:R$<@K
M<AG(>)XSAG&1YLRNL^R<IXGV!5=P63(`%T9OII/Q=#(!QW7=GFF:!P(V6!<8
M`S@PEEAOIXZCL#P/+&?D'@V/P&QFYQ@\KP?-&,`=RW\PN_LE:K$KOV=I#$'!
M4Y9`@L4"MWF!2TEO].%GSX)V<"Q*SL!0F7U`5D45Y<*6=PQ]X5]]#OUH&?@+
MO7_2,S4RD$&2SBA;90A!,(_.YQ_]ZS"ZN(:<P2P,;P*5\N$!$HZ)5P>;IUOY
M8O9F!^\^(1/TKH0K*LH5?=\D$QE;K17-2I14<J=9PND_BTMO#77EU2FP,LOJ
M0DU-:TOL@+5'P$S@WEG'L$^P5YVB>%3/*R>U((.!\L<9*7\<YW@X'C_UQVLY
MBG4JY'/?ERB*UP)H6:R1%6E,ZQ8`(;MCBT/(>2,=TEM@.<,7?3V3,.'##@]Q
M]6P9SJ+PVXW_G*<DG`<09ZG4][O.__*XD_?4ZN?]W9=Y@+\OMTY3PE^;IMNV
HI6$T$X:>,[W?GG6,^E=[,G+U&J4AK;_VJ$8Z^4.O_`+2%'MD:00``%^;
`
end
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, you need]
[to include <ap...@Apache.Org> in the Cc line and make sure the]
[subject line starts with the report component and number, with ]
[or without any 'Re:' prefixes (such as "general/1098:" or ]
["Re: general/1098:"). If the subject doesn't match this ]
[pattern, your message will be misfiled and ignored. The ]
["apbugs" address is not added to the Cc line of messages from ]
[the database automatically because of the potential for mail ]
[loops. If you do not include this Cc, your reply may be ig- ]
[nored unless you are responding to an explicit request from a ]
[developer. Reply only with text; DO NOT SEND ATTACHMENTS! ]