iis security: Client Certificate Auth only for certain urls handled by ISAPI fil -- iis security

Re: Client Certificate Auth only for certain urls handled by ISAPI fil

Ken Schaefer
8/28/2007 12:00:00 AM

You will have to write your own code in your ISAPI filter to handle this.

Cheers
Ken

--
My IIS Blog: www.adOpenStatic.com/cs/blogs/ken

[quoted text, click to view]

Re: Client Certificate Auth only for certain urls handled by ISAPI fil

David Wang
8/31/2007 2:37:48 PM

On Aug 27, 11:18 pm, Kshitiz <Kshi...@discussions.microsoft.com>
[quoted text, click to view]

Configure IIS to enable SSL and require Client Certificates for those
URLs. If they don't exist as vdirs or physical directories in IIS,
then create IIsWebDirectory and IIsWebFile nodes as appropriate
placeholders for them in the Virtual namespace. Of course, none of
them need to map to the file system

Then, use GetServerVariable() with the various documented server
variable names to read the relevant Client Certificate data and do
your custom authentication/authorization.

//David
http://w3-4u.blogspot.com
http://blogs.msdn.com/David.Wang
//

Re: Client Certificate Auth only for certain urls handled by ISAPI

Kshitiz
9/5/2007 4:52:03 AM

Hi David,

Thanks for your inputs. However if you can elaborate more, it will be
helpful. I do not know how to define those URLs. Please provide more input on
that. If you can point to some document that will be great. Please provide
inputs on how to create
IIsWebDirectory and IIsWebFile without mapping them to physical directory.

Also I do not want to hard-code client certificate verification in my code.
I want it to be outside, which can be modified easily as per client
certificate.

Thanks,
Kshitiz

[quoted text, click to view]

Got something to say? Click here to post a reply to this thread.

Don't see what you're looking for? Try a search.

View other messages in the iis security group.