I have done such a setup. The effort isn't in getting PLT to work, rather it's in getting mod_proxy to work correctly.<br><br>You likely need to do some URL munging, and for that you'll also need mod_proxy_html. <br>
<ul><li><p><a href="http://schemecookbook.org/Cookbook/HttpsWebservering">A tutorial on using Apache+SSL as PLT Frontend</a></p></li><li><p><a href="http://apache.webthing.com/mod_proxy_html/">mod_proxy_html</a> - Home to <code>mod_proxy_html</code> that can be used for in page link translation</p>
</li><li><p><a href="http://www.apachetutor.org/admin/reverseproxies">Reverse Proxy Tutorial</a> - An older tutorial on how to setup <code>mod_proxy</code> as a reverse proxy</p></li><li><p><a href="http://httpd.apache.org/docs/2.1/mod/mod_proxy.html#proxypassreversecookiedomain">ProxyPassReverseCookieDomain</a> - The directive to ensure cookie also works across proxy calls</p>
</li><li><p><a href="http://www.excalibur-partners.com/archives/6">Installing mod_proxy_html</a></p></li></ul>Also read up about selinux to ensure that your apache server can access network... <br><br>Cheers,<br><br><div class="gmail_quote">
On Wed, Oct 22, 2008 at 4:02 PM, Marek Kubica <span dir="ltr"><<a href="mailto:marek@xivilization.net">marek@xivilization.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">On Thu, 23 Oct 2008 00:56:07 +0200<br>
Marek Kubica <<a href="mailto:marek@xivilization.net">marek@xivilization.net</a>> wrote:<br>
<br>
> I'm planning to write an application using the PLT web server, that<br>
> will be run behind an Apache server which takes care about SSL client<br>
> certificate authentifaction and puts the user name into the<br>
> REMOTE_USER variable.<br>
<br>
</div>I picture says more then a hundred words. Even if it's ASCII.<br>
<br>
User's browser (with a client certificate and uername bob)<br>
|<br>
|<br>
v<br>
Apache (gets the HTTPS request)<br>
|<br>
|<br>
v<br>
mod_ssl (verifies the certificate against the CA, sets REMOTE_USER to<br>
bob)<br>
|<br>
|<br>
v<br>
mod_headers (sets some HTTP request header to the value of REMOTE_USER)<br>
|<br>
|<br>
v<br>
mod_proxy (forwards the modified request via HTTP internally)<br>
|<br>
|<br>
v<br>
PLT web server (accesses the user name from the header and runs app)<br>
<br>
My question is whether the PLT web server can handle something like<br>
this.<br>
<div><div></div><div class="Wj3C7c"><br>
regards,<br>
Marek<br>
_________________________________________________<br>
For list-related administrative tasks:<br>
<a href="http://list.cs.brown.edu/mailman/listinfo/plt-scheme" target="_blank">http://list.cs.brown.edu/mailman/listinfo/plt-scheme</a><br>
</div></div></blockquote></div><br>