httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Browder <tom.brow...@gmail.com>
Subject [users@httpd] Re: Want friendly error message for failed attempt to access a restricted directory
Date Wed, 11 May 2016 13:35:53 GMT
On Wednesday, May 11, 2016, Marat Khalili <mkh@rqc.ru> wrote:
> There's no code at all. HTTP connection is not even established. I don't think it can
be easily solved. You have to ALLOW connections from clients without valid certificate in
order to send them your custom message, and resulting reduction of security probably does
not worth it.

Actually I do allow them to the site:

  https://usafa-1965.org

and they can get to the restricted area entry page:

  https://usafa-1965.org/login/index.html

but they presently get an error when they click on the "Enter
Restricted Area" button which calls a CGI script in the restricted
area.

Is there any way via CGI to check for a valid client cert?  If so, I
could interject another script to do that at the Enter button.

-Tom

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message