SSL Proxy with Strong Authentication

[Mike Murray <mm...@ncircle.com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi all,

I'm investigating using Apache and SSL for (reverse) proxying HTTPS requests; 
however, one of the requirements of the task is to have a strong auth 
mechanism in place.  

I had two ideas, both of which have lead me to a dead end:

1.  Use the ProxyPass and ProxyPassReverse directives to authorize 
connections, and requiring client certs to authenticate to the server.

2.  Using a normal SSL page to authenticate via client certs, and using an 
.htaccess file in the DocRoot of the proxy server to auth IP addresses.  

Both seemed likely, and both have failed.  The first because the directives 
don't work as I had hoped, and the second because I can't find anywhere to 
put an .htaccess file that makes sense to the <Directory proxy> section.

So, this is a two-part question: first, does anybody have any idea on how to 
use .htaccess to control access to the proxy, and/or, does anybody have any 
ideas on what will accomplish this task?

	Thanks,
		Mike

- -- 
| Mike Murray                    <mm...@nCircle.com>
| Scientific Technologist       http://www.nCircle.com
| nCircle Network Security      
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE8UJ1WSZ6Dtue7Vb4RAsDDAJwMg0CCcY70/0ombK2ryyN7LkF1ugCfQHsy
42fEW4GwPOUph+5Jo8tQPBo=
=gyM/
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org