You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Andrea Palmieri <pa...@eng.it> on 2005/03/22 10:56:51 UTC
how to invalid an SSL session ?
I am writing some modules to do authentication in a reverse proxy scenario.
In a userid-password authentication mechanism I can invalid an authentication session using
$r->note_basic_auth_failure();
return Apache::AUTH_REQUIRED;
In this way I can invalid the authentication session and promt the user once more with the user-id password dialog.
Is there a way to reach the same result using SSL session ?
In this case the client authenticates itself providing a digital certificate (this is done using the "SSLVerifyClient require" directive), but I dont't know how to invalid the SSL session and how to prompt the user with the certificate dialog.
Can anyone help ?
thanks
Andrea