DoD CAC and Apache

Posted on May 7, 2009 by matt

Came across this little blog post about apache config with DoD CAC.

Worked like a champ for me with Apache2.2 and Solaris 10 X86. Now onto to user authentication and access control with this configuration.

Rating: 0.0/10 (0 votes cast)

Rating: 0 (from 0 votes)

Bookmark It

Add to BlinkList

Add to Bloglines

Add to Blogmarks

Add to Connotea

Add to Del.icio.us

Add to DotNetKicks

Add to Facebook

Add to FriendSite

Add to Google Bookmarks

Add to Kaboodle

Add to Mister Wong

Add to Netscape

Add to Newsvine

Add to Slashdot

Add to Stumble Upon

Add to Shoutwire

Add to SphereIt

Add to Technorati

Add to ThisNext

Add to Yahoo My Web

This entry was posted in News, puters. Bookmark the permalink.

2 Responses to DoD CAC and Apache

Mario says:

February 23, 2010 at 4:01 pm

Hi Have you figured out how to do user authentication with the above configuration?

VA:F [1.9.3_1094]
please wait...
Rating: 0.0/5 (0 votes cast)
VA:F [1.9.3_1094]
Rating: 0 (from 0 votes)

Reply
matt says:

March 2, 2010 at 5:39 pm

I am working on a new post with CRL’s. This handles making sure only valid certs are allowed in. Then it is up the applications to handle the authorization. One option is use opensso, there are a few sun.com blogs I have found talking about it.

The trick is merging the SSL_CLIENT_S_DN_CN(unique to everyone) in a friendly name. For me this would have to be across applications if there isn’t an identity server running for everyone. Backend services can be written to supply common data at application registration.

Either way you would have to reach back to an Enterprise service to get “Official” information.

VN:F [1.9.3_1094]
please wait...
Rating: 0.0/5 (0 votes cast)
VN:F [1.9.3_1094]
Rating: 0 (from 0 votes)

Reply

Leave a Reply Cancel reply