This patch allows to identifiy Moin users using SSL
client certificates. Specifically, it uses the common
name and the email address from the cerificate's
subject's distinguished name. Cookies and Moin user ids
are still used, and finding users works like this
1. If there is a cookie, use that
2. If there is no cookie, iterate over all users, and
try to find one with the same email address or where
the X.509 common name is the same as the Moin user name.
3. If no user is found, but either the email address or
the common name is set, create a new user.
This patch works only with Apache mod_ssl, as it relies
on the environment variables SSL_CLIENT_S_DN* being set.
Log in to post a comment.