I''m trying to add SSL certificate-based authentication to an existing Rails application. I''m running into major problems because I can''t find a way to determine *which* certificate was used for authentication. With CGI, Apache (2.0.5x) would add environment variables to tell me about the certificate used, but they don''t seem to be available with FastCGI. I can''t use Apache''s "fake basic authentication using certificate data" because I need to keep an existing API that already uses basic authentication for a separate part of the authentication puzzle. I''ve seen suggestions that the CGI environment variables should be mirrored in @request or in @cgi.env_table, but I can''t see anything useful in either of these. Help? Scott
+1 On 7/14/05, Scott Laird <scott-c0OrwTTxxVVAfugRpC6u6w@public.gmane.org> wrote:> I''m trying to add SSL certificate-based authentication to an existing > Rails application. I''m running into major problems because I can''t > find a way to determine *which* certificate was used for > authentication. With CGI, Apache (2.0.5x) would add environment > variables to tell me about the certificate used, but they don''t seem > to be available with FastCGI. > > I can''t use Apache''s "fake basic authentication using certificate > data" because I need to keep an existing API that already uses basic > authentication for a separate part of the authentication puzzle. > > I''ve seen suggestions that the CGI environment variables should be > mirrored in @request or in @cgi.env_table, but I can''t see anything > useful in either of these. > > Help? > > > Scott > _______________________________________________ > Rails mailing list > Rails-1W37MKcQCpIf0INCOvqR/iCwEArCW2h5@public.gmane.org > http://lists.rubyonrails.org/mailman/listinfo/rails >
On Jul 14, 2005, at 2:25 PM, Wes Kurdziolek wrote:> +1 > > On 7/14/05, Scott Laird <scott-c0OrwTTxxVVAfugRpC6u6w@public.gmane.org> wrote: > >> I''m trying to add SSL certificate-based authentication to an existing >> Rails application. I''m running into major problems because I can''t >> find a way to determine *which* certificate was used for >> authentication. With CGI, Apache (2.0.5x) would add environment >> variables to tell me about the certificate used, but they don''t seem >> to be available with FastCGI. >> >> I can''t use Apache''s "fake basic authentication using certificate >> data" because I need to keep an existing API that already uses basic >> authentication for a separate part of the authentication puzzle. >> >> I''ve seen suggestions that the CGI environment variables should be >> mirrored in @request or in @cgi.env_table, but I can''t see anything >> useful in either of these.Found it--it''s in request.env. That''s a method, not an accessor, so request.inspect didn''t see it. Scott