Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authorization via client certificates #13

Open
rcrowley opened this issue Jun 28, 2013 · 3 comments
Open

Authorization via client certificates #13

rcrowley opened this issue Jun 28, 2013 · 3 comments

Comments

@rcrowley
Copy link
Owner

Whether a part of the core or not, there should be a handler that can verify client certificates and possibly make authorization decisions on a per-route basis.
@lindemannrichard
Copy link

What is the status on that?

@mihasya
Copy link
Collaborator

mihasya commented Jul 28, 2014

There isn't anything pre-baked in TigerTonic, but since it operates on http.Handler's you can wire your own in fairly easily. I will tell you that we do this, and it was very fragile. for example, wrapping the ResponseWriter reference the way a lot of the tt handlers do causes the http.Request.TLS to not get populated because net/http rely on an internal implementation to be present. I haven't had the time to check if this is still the case in 1.3, but basically I would hesitate to release a pre-baked solution for this due to the fragility and documentation burden involved.

@lindemannrichard
Copy link

Hi mihasya, thank you for your response.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rcrowley @mihasya @lindemannrichard