On Tuesday 14 December 2004 11.13, Greg Colla wrote:
> I'm new to Pound, looking for a reverse SSL proxy to connect into a
> subversion service.
>
> Clients will use SSL client side authentication. Proxy will strip SSL and
> forward HTTP to Apache2/Subversion.
>
> Seem to be two issues:
> 1. WebDAV issues - mapping https to http
> 2. Mapping SSL client authentication to Apache authentication
>
> The first issue seems to answered in the Pound 1.8 readme: compiling with
> "WebDAV 1" on, etc.
>
> Is there an answer for the second issue? eg sending the Subject DN + fixed
> password as the HTTP basic authentication to Apache? Anything else?
>
> --
> Greg
As you remark, WebDAV is not a problem.
Mapping HTTPS to Basic Authentication is a function of Apache/mod_ssl. I
suggest you stick to normal Basic Authentication over HTTPS - or modify your
Apache front-end to interpret correctly the certificate contents (which are
made available by Pound). This is really an application issue.
We have had several reports of subversion working fine through Pound, so I
expect it can be done.
--
Robert Segall
Apsis GmbH
Postfach, Uetikon am See, CH-8707
Tel: +41-1-920 4904
|
