Thread: SSLFakeBasicAuth ??
View Single Post
Old 12-12-2003, 01:45 PM  
Volantt
Confirmed User
 
Join Date: Nov 2003
Location: Penguin vs Devil
Posts: 745
Quote:
Originally posted by SGS
Sounds interesting but how much trouble would it be to impliment?
Not really hard at all, since PHP and OpenSSL are fully intergrated. Just after the customer signs up they would need to load a unique certificate that is generated for them into the browser.

Then when they visited https://www.somesite.com/login.php the certificate data would be retrieved and you could validate the session in mySQL and serve the content through normal http protocol.

The hard part would be to rewrite the API for the credit card processor to add/delete certificates from the access file when the membership is up.


V
__________________
"Only the dead have seen the end of war." - Plato
"In the abscence of orders, go find something and kill it." - Erwin Rommel
"A man's worth is no greater then the worth of his ambitions." - Marcus Aurelius
Last edited by Volantt; 12-12-2003 at 01:48 PM..
Volantt is offline   Share thread on Digg Share thread on Twitter Share thread on Reddit Share thread on Facebook Reply With Quote