client certificates

Aleksandar Lazic al-nginx at none.at
Thu Dec 28 04:25:05 MSK 2006


Hi,

I want to use some client certificates to act with my application user
db.

What I think is like this:

---
perl_set $pass MyAuthCheck;

location / {
    if ($pass) {
      .
      fastcgi_pass ...
      .
    }
    return 403;
}
---
MyAuthCheck(pseudo code):
---
.
.
if( select user from $DB where USER = mysql_quote($ssl_client_s_dn) ||
    select user from $DB where USER = mysql_quote($ssl_client_i_dn)){
.
.
  return OK;
}else {
  .
  .
  return DECLINED;
}
---

Is it possible to get the

http://wiki.codemongers.com/NginxHttpSslModule
=> variables at the bottom of the site into perl?

As far as I have understand the perl-module there is the same problem as
in lighty with lua:

http://trac.lighttpd.net/trac/wiki/Docs%3AModMagnet#overview

---
Keep in mind that the magnet is executed in the core of lighty. EVERY
long-running operation is blocking ALL connections in the server.
---

Is this assumption right?

Thanks for help ;-)

Aleks





More information about the nginx mailing list