Bug 20957

Summary: New option SSLUserName
Product: Apache httpd-2 Reporter: Martin v. L <martin>
Component: mod_sslAssignee: Apache HTTPD Bugs Mailing List <bugs>
Status: CLOSED FIXED    
Severity: enhancement CC: odela01, R.Valentan
Priority: P3 Keywords: PatchAvailable
Version: 2.0-HEAD   
Target Milestone: ---   
Hardware: Other   
OS: other   
URL: http://www.dcl.hpi.uni-potsdam.de/home/loewis/username.diff
Attachments: The patch

Description Martin v. L 2003-06-20 15:45:22 UTC
Currently, mod_ssl can only set req->user to the DN, and only if FakeBasicAuth
is activated. This is insufficient if content handlers need to find out who the
authenticated user was. For example, Subversion looks into req->user to log the
author of a change upon commit.

This patch adds a new option SSLUserName, which can be configured to a mod_ssl
variable name. The option is a directory option, and it sets req->user if there
is an SSL connection, and the variable is non-NULL.

[Hoping I can attach the actual patch later]
Comment 1 Martin v. L 2003-06-20 15:47:30 UTC
Hmm. It appears I cannot attach the patch, so I publish it at


Comment 2 Thom May 2003-06-20 15:51:52 UTC
Created attachment 6915 [details]
The patch
Comment 3 Jeff Trawick 2003-11-21 22:22:09 UTC
enabling the PatchAvailable keyword
updated doc on submitting patches is at http://httpd.apache.org/dev/patches.html
Comment 4 Joe Orton 2004-06-03 15:04:23 UTC
Thanks for the patch and docs, Martin.  Changed to allow using SSLUserName
outside location context, and committed to HEAD, at last.
Comment 5 Jeff Trawick 2004-07-20 02:24:06 UTC
*** Bug 30173 has been marked as a duplicate of this bug. ***