Hi,
I know this is old post but I need help:
Apache configuration:
Code: Select all
<VirtualHost *:443>
SSLEngine On
SSLVerifyClient require
SSLVerifyDepth 10
#---------------------------------------
# grid certification
SSLCACertificatePath /usr/lib/ssl/certs/
SSLCADNRequestPath /usr/lib/ssl/certs/
#------------------------------------------------
# server cert
SSLCertificateFile /etc/apache2/ssl/server.crt
SSLCertificateKeyFile /etc/apache2/ssl/server.key
#------------------------------------------------
ServerName 150.254.148.60:443
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
</VirtualHost>
Here /usr/lib/ssl/certs/ I have installed CA.
I added to /usr/share/phpBB3/includes/auth_db.php new function:
phpb3 configuration:
Code: Select all
function autologin_db()
{
global $db, $config;
if ($_SERVER[SSL_CLIENT_VERIFY] == "SUCCESS")
{
$sql = "SELECT * FROM " . phpbb_users . "
WHERE username = '($_SERVER[SSL_CLIENT_S_DN_CN])'";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result);
$db->sql_freeresult($result);
if ($row)
{
return $row;
}
}
return array();
}
This is how this should work, if you have certificate installed in web-broswer accepted by CA installed on server and your user name in phpbb3 database is the same as certificate CN and you use https:// you should be autho loging into pbpbb3. Right now only the last part "you should be autho loged into pbpbb3" wont work ;/ no error i log file ;/
I'm not sure where and how call function autologin_db(). Perhaps instead of adding new function I should edit "login_db" function ?